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Abstract (Basic) : 

The automatic burning of a digital signature into the memory 
of an electronic device and a smart card is accomplished by 
means of the programming voltage supply line. Hence, both the 
electronic device and the smart card contain the same digital 
signature which can be checked for a match every time the card is 
inserted into the... 

The figure shows a flow diagram of the auto-burning of a 
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Detailed Description 
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with digital certificates. The digital signature and digital 
certificates may be used by the ATM to validate that the processing 
components originate from a trusted source of processing components. Also 
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Fulltext Word Count: 12819 

Fulltext Availability: 
Detailed Description 

English Abstract 

...been created and auto-burned, control is passed to a software program 
that authenticates the digital signatures burned in the electronic 
device (101) and the smart card . If these digital signatures are 
found to match then normal operation of the electronic device (101) is 
permitted, otherwise... 

Detailed Description 

... memory and to the memory means of an intelligent token device. The 
functionality of said electronic device is disabled unless a smart 
card with a matching digital signature is 

3 

inserted in an intelligent token device reader/writer that is connected 
to the .. ..signature area of the flash memory of the electronic device. 
From this process, both the electronic device and the smart card 
contain the same digital signature that are checked for a match every 
time the smart card is inserted in the... 

...authentication procedure involves the sending of the digital signature 
stored in the microprocessor of the electronic device to the smart 
card . An electronic device digital signature Test Number (T" ) 
and Witness Number (t) are also sent for the operation of the. . . 

...generation of the smart card's digital signature Test Number (T 1 ) . Iff@ 
= T" then the digital signatures of the electronic device and the 
inserted smart card match and the normal operation of the electronic 
device is allowed to continue. 
BRIEF DESCRIPTION... 

...a flow chart that show the continuation of the auto-burning process in 
both the electronic device and smart card after the creation of 
the digital signature by said smart card. 

FIGS 3G, 3H and 31 together comprise a portion of a... is the sending of a 
command by the application software of the microprocessor of the 
electronic device to the smart card to initiate the digital 
signature creation and auto burning process 317. Once said process is 
initiated by the small card. .. Figures 3E and 3F show the continuation of 
the auto-burning process in both the electronic device and smart 
card after the creation of the digital signature by said smart card. 

With the creation and storage of the digital signature and start... 
signature authentication procedure, which if the digital signature in the 
electronic device microprocessor matches the digital signature in the 
inserted smart card , normal operation of the electronic device is 
allowed and the electronic device microprocessor waits for its next 
instructions . 

1 6 

Correcting. . .device waits for a command from the smart card 473 which 
will indicate if the digital signature of the inserted smart card 
matches that of said electronic device . 

Once received by the smart card , said encoded and encrypted Witness 
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Number RS(E(t)) is decoded 475 using the error... 

..compared to the Test Number (T n ) generated by the electronic device to 
determine if the digital signatures of said electronic device and 
the inserted smart card are a match 481. If T' = T" then a match is 
confirmed and a command. . . 
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...SPECIFICATION FIG. 1 and FIGs. 4A and 4B; 

FIGs. 3E-3G is a flowchart of a digital certificate authentication 
routine that may be performed by one or more of the security elements or 

...key generation and signing routine, and FIGs. 3E-3G illustrates an 
authentication routine using the digital certificates and key 
generated by the certification authority initialization routine and the 
key generation and signing ... g . , RSA-public-key algorithm for both 
encryption and authentication, ElGamal, and elliptical curves); (4) 
digital signature schemes using public-private key-pairs (e.g., RSA, 
digital signature algorithm-DSA, ElGamal signatures); (5) symmetric 
encryption (e.g., Triple-DES, AES, Algorithm X, etc... 

...configured as an RSA ACE/Server and a Policy Server), the SecurlD 
functions like an ATM card for the secure gaming network environment 
10. The SecurlD requires a user (i.e... 
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...secure communication apparatus 24, 30, for example, MACs, one-way hash 
algorithms, public-key cryptography, digital signature schemes (e.g., 
code signing), symmetric encryption, session keys (i.e., a key that is... 

...to invert. In that case, the data integrity system can be configured to 
scan using cryptographic signatures of file content in addition to 
scanning for file name changes. The data integrity system. . .protocol . If 
the VPN tunneling protocol is not properly implemented (via an 
inappropriate encryption algorithm, digital signature algorithm, and 
so forth) , however, one or more non-authentic data packets may exploit 
the. . . 

...or more of symmetric encryption, message authentication codes, 
public- key encryption, one way hash functions, digital signature 
schemes, random number generator schemes, or combinations. Moreover, the 
cryptographic protocol provided by the integrity. . . 

...lib. Key-Based Routines For Ensuring Integrity, Authentication, and 
Non-repudiation 

Symmetric cryptosystems that use secret keys for encryption of 
plaintext messages and decryption of the resulting ciphertext messages, 
are one type . . . 

. . .multiple-key public key cryptosystems that use public keys for 

encryption of plaintext messages (or digital signatures ) and private 
keys for decryption of resulting ciphertext messages, are another type 
of key-based algorithm. Generally, symmetric. . . 

...of key-based algorithms, generation, management, and control (including 
key transmission) of secret, public, and private keys requires a 
level of protection equivalent to the level of protection sought for the 
data . . . 

. . .between the first and second gaming devices, in one embodiment. 

Public-private Key-pair and Secret Keys : 

Private-public key-pairs used by the gaming devices of the secure 
gaming system environment . . . 

...generator) or by using • techniques such as key-crunching to convert 

randomly selected phrases into private keys . The private key may also 
be generated randomly using a cryptographic algorithm such as triple... 

...be accomplished by using a trusted courier (e.g., a casino employee), by 
using a digital signature protocol using a public key database, or by 
using a key distribution center (discussed below. . . 

...of security required. For example, utilization of the trusted courier, 
the key-encryption key, the . digital signature protocol using a public 
key database, the one-way hash function, the key distribution center... 

...key certificates derived from a series of certification authority 

entities and linked or chained via digital signatures (discussed in 
connection with FIGs . 3C and 3D). In the case of a series of... 

. . .a certificate) . 

The public key certificate is a digitized certificate referred to 
herein as a " digital certificate " and may be viewed as an electronic 
passport equivalent to prove identity of associated gaming. . . 
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...number of ways, including, for example, using MACs, one-way hash 

algorithms, public-key cryptography, digital signature schemes using 
a pair of keys - a public key and a private key, symmetric encryption. . . 
example, a coaxial cable connection, a phone line connection, wireline 
frame relay connection, a wireline ATM connection, a wireline Ethernet 
connection, etc. Thus, gaming data may be transmitted from the customer 
. . .more individual authentication protocols, for example, MACs, one-way 
hash algorithms, public-key cryptography (PKI), digital signature 
schemes or code signing, symmetric encryption, session keys, and random 
number generators, to name a... 

. . . CLAIMS message authentication code protocol, a one-way hash protocol, a 
public- key cryptography protocol, a digital signature protocol, a 
symmetric encryption protocol, and a random number generator 
protocol . 
14. A gaming system... 
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...SPECIFICATION that a digital platform is operating as intended. 
Encrypting the communication channels or using conventional digital 
signatures may prevent content from being unknowingly modified during 
transmission; however, these techniques do not provide. . . 

...the operations for recovering the combined result, inclusive of TAEH and 
MH, from the notary digital signature . 

Figure 8 is an illustrative block diagram of an embodiment of the 
present invention in. . . 

...content" is generally defined as (i) control information (e.g., Internet 
Protocol "IP" commands, keys, digital signatures , digital 
certificates , etc.), and/or (ii) data in the form of a still image, 
video (e.g. . . 

...and Adleman "RSA" based functions), or even a function for digitally 
signing information (e.g., Digital Signature Algorithm "DSA" or a 
RSA-based signing functions) . 

In addition, a " digital certificate " is generally defined as any 
information used for authentication. Normally, this information includes 
a public ... 

...includes any person or entity in a position of trust to guarantee or 
sponsor the digital certificate . A " digital signature " is 

generally used to ensure that the data has not been illicitly modified 
after being. . . 

. . .the security kernel (block 420) . This key pair includes a pair of unique 
public and private keys (PUKTAE and PRKTAE) to be associated with 
this specific instantiation of this type or version. . . 

...or any another arithmetic operation. The "assertion" is a statement 
indicating the purpose for a digital signature . For example, the 
assertion may include information concerning the type, model or version 
number of . . . 

...combined (block 440), the combined result is digitally signed with PRKD 
to produce a "notary digital signature " (NDS) as shown in block 445. 
NDS along with a device certificate chain, namely at... 

...recover data, inclusive of PUKD as also shown in Figure 6 where "D" 
constitutes a digital signature verify function (block 510) . Since 
the notary digital signature has been digitally signed by PRKD, the 
recovery of PUKD allows the message hash, TAEH... 

...head-end equipment and provides, if not previously provided, credit card 
information, automated teller machine ( ATM ) , checking account routing 
number or any other financial information to the head-end equipment 
(block... 

. . .CLAIMS arranged to control execution of cryptographic functions and hash 
functions and to produce a notary digital signature including a 
combined result of a hash value of the second segment of code (330) 
and an assertion indicating a purpose of the notary digital 
signature , the combined result digitally signed by a private key 
(360) of the cryptographic device (230... 

...the cryptographic device (230), a private key (360) of the cryptographic 
device (230) and a digital certificate chain (370) including at 
least one device certificate. 
3. The cryptographic device (230) of claim... 
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...of claim 6, wherein the second segment of code (330) passes the message, 
the notary digital signature and the digital certificate 
chain to a graphical user interface. 
10. The cryptographic device (230) of claim 1 in... 

...320) being code, in communications with the trusted agent executable 
(330), that produces the notary digital signature . 
13. The cryptographic device (230) of claim 11, wherein the trusted agent 
executable (330) further... 
...receiving a selected segment of code (330) by the platform (130); and 
providing a notary digital signature to the content provider (110), 
* the notary digital signature including a combined result of a 
hash value of the selected segment of code (330... 

...control of the platform (130) and an assertion to indicate a purpose of 
the notary digital signature , the combined result digitally 
signed by a private key of a cryptographic device implemented within 



...the hash value of the selected segment of code and the assertion from 
the notary digital signature . 

17. The method of claim 16, further comprising: 
performing a hash operation on a copy. . . 

. . .of code (330) . 

18. The method of claim 15, wherein the providing of the notary digital 

signature includes the combined result of the hash value of the 
selected segment of code (330... 
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...SPECIFICATION identity and privileges of the holder. Usually used as 
synonymous with an electronic certificate or digital certificate 
since an actual document -is of little value in a world of electronic 
commerce . 

Certificate ... 

...users who are no longer authorized to use them. 

Certificate chain - a hierarchy of trusted digital certificates 
that can be "chained" or authenticated back to the "chain's" ultimate 
trust level- the top of the hierarchy called the "root certificate." 

Digital certificate - an electronic document digitally signed by a 
trusted party. The digital certificate binds a person's or entity's 
"unique name to a public/private key pair. 

Digital signature - In the context of SET Secure Electronic 
Transaction programs, data that is appended to, or is a cryptograpic 
transformation of, a data unit. Digital signature enables the 
recipient of the data unit to verify the source and integrity of the... 

...wallet "during electronic commerce transactions. A wallet can hold a 
user's payment information, a digital certificate to identify the 
user, and shipping information to speed transactions. The consumer 
benefits because his'. . . 



...party for the service. 

Key pair - In computer security, a matched set of public and private 
keys . When used for encryption, the sender uses the public key half to 
encrypt the message .. .path 128' to the acquirer gateway 106, signing the 
message with the acquiring bank's digital signature . The acquirer 
gateway 106 forwards it over the internet path 128 to the merchant, 
authorizing. . . 

...to a consumer's computer, a merchant message including a wallet 
initiation message, a merchant digital signature , and a digital 
certificate from an acquiring bank, said wallet initiation message 
including a payment amount, an order description... 

...then authorizing payment by sending over said internet network an 
authorization token, an issuer's digital certificate , said wallet 
initiation message, and a reference to said consumer's credit or debit 
card. . . 



.to a consumer's computer, a merchant message including a wallet 
initiation message) a merchant digital signature , and a digital 
certificate from an acquiring bank, said wallet initiation message 
including a payment amount, an order description... 

.then authorizing payment by sending over said internet network an 
authorization token, an issuer's digital certificate , said wallet 
initiation message, and a reference to said consumer's credit or debit 
card. . . 
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...to a consumer's computer, a merchant message including a wallet 

initiation message, a merchant digital signature , and a digital 
certificate from an acquiring bank, said wallet initiation message 
including a payment amount, an order description. . . 

...then authorizing payment by sending over said internet network an 
authorization token, an issuer's digital certificate , said wallet 
initiation message, and a reference to said consumer's credit or debit 
card . . . 

...to a consumer's computer, a merchant message including a wallet 
initiation message, a merchant digital signature , and a digital 
certificate from an acquiring bank, said wallet initiation message 
including a payment amount, an order description. . . 

...then authorizing payment by sending over said internet network an 
authorization token, an issuer's digital certificate , said wallet 
initiation message, and a reference to said consumer's credit or debit 
card. . . 

. . .message containing consumer identity and authentication information, 
payment amount, an order description, a timestamp, a digital 
certificate representing a merchant, and a digital certificate 
representing the merchant's acquiring bank; said merchant's digital 
certificate containing a merchant identifier unique for the acquiring 
bank; said acquiring bank's digital certificate containing a bank 
identifier unique among all banks sharing a common financial arrangement; 
validating at . . . 

...then authorizing payment by sending over said internet network an 

authorization token, an issuer's digital certificate , and a reference 
to said consumer's credit or debit card number; said authorization token 

...payment amount, order description, timestamp, a random nonce, said 

merchant identifier from the merchant's digital certificate , and said 
acquiring bank identifier from said acquiring bank's digital 
certificate , plus a reference to the consumer's credit or debit card 
number; said authorization token... 

...embodiment the consumer identity and authentication information may be a 
userid and a password, an ATM debit card number and PIN, a smart card's 
account number and a symmetric Message Authentication Code (MAC) , a smart 
card's account number and an asymmetric digital signature , a 
consumer ' s digital signature and digital certificate , a 
consumer's digital certificate and matching asymmetric digital 
signature , a user account number and a symmetric MAC or asymmetric 
digital signature , a user account number and an asymmetric digital 
signature , or a consumer's biometric signal. 

In the preferred embodiment there is a digital certificate 
hierarchy that covers issuing banks, acquiring banks, and merchants. The 
certificate hierarchy is used with public-key digital signatures to 
identify said merchant and said issuing bank. The certificates represent 
common financial agreements and... the consumer's computer with a merchant 
message including a wallet initiation message, a merchant digital 
signature , and a digital certificate from an acquiring bank. The 
wallet initiation message includes a payment amount, an order description 

...then authorizes payment by sending over the internet network an 
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unique for the acquiring bank (208); 
said acquiring bank's digital certificate containing a bank 

identifier unique among all banks sharing a common financial 

arrangement ; 
validating at . . . 

...authorizing payment by sending over said internet network an 

authorization token (254), an issuers digital certificate , and a 
reference (252') to said consumer's credit (250) or debit card 
number; 
said. . . - 

. . .payment amount, order description, timestamp, a random nonce, said 

merchant identifier from the merchant's digital certificate , and 
said acquiring bank identifier from said acquiring bank's digital 
certificate , plus a reference to the consumer's credit or debit card 
number; 

said authorization token. . . 

...to a consumer's computer, a merchant message including a wallet 
initiation message, a merchant digital certificate , and a 
digital certificate from an acquiring bank, said wallet initiation 
message including a payment amount, an order description. . . 

...of claim 19, which further comprises: 

including with the wallet initiation message a merchant's digital 

signature of the wallet initiation message; 
including the wallet initiation message and said merchant's digital 

signature in the authorization request message- 
verifying at said issuer gateway said merchant's signature to... 

. . .merchant claims payment through the acquiring bank by forwarding the 
- authorization token and issuer's digital certificate to the 
acquiring bank; 

the acquiring bank verifying the issuer's signature on the 
. authorization token, validating the issuer's digital certificate , 
checking for duplicates via the timestamp in the authorization token; 
and the acquiring bank paying. . . 
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Detailed Description 

English Abstract 

Featured are systems and methods for creating digital signatures . 
More particularly, there is featured a method for facilitating online 
commerce including issuing an electronic... 

Detailed Description 

... S. Provisional Patent Applications 

60/478985 ffled 6/14/03 entitled "Secure System for Processing Digital 

Signatures and Method for Use Thereof," 60/492,774 filed 8/04/03 
entitled 'Secure System for Processing Digital Signatures Using Clock 
Signal Activation and Private Key Transfer," 60/499,761 filed 9/02/03 
entitled 'Secure System for Processing Digital Signatures Using Clock 
Signal Activation and Secret Key Transfer," 60/500,897 filed 9/04/03 
entitled 'Secure System for Processing Digital Signatures Using Clock 
Signal Activation and Secret Key Transfer, " 

60/504,913 filed 9/22/03 entitled "Secure System for Processing Digital 
Signatures Using System Clock Activation and Secret Key Transfer, and 

60/506,115 filed 9/25/03 entitled 'Secure System for Processing Digital 
Signatures and Method for Use Thereof." 

FIELD OF INVENTION 

The present invention is related to a... 
. . . embodiments . 

The invention is also not to be limited by use of the description "user 
digital signature " and may in fact be implemented on behalf of 
entities other than individual users (e... 

...or debit card, checking, social security, business customer account, 
etc.) and also as a user digital signature . For transactions 
involving the delivery of deliverable items (e.g. letters and packages), 
the invention further provides for various embodiments in which the user 
digital signature is able to be printed or affixed to and machine 
readable from preprinted stamps, labels... 



Sylvia Keys 



15-Jun-05 03:45 PM 



«1 



ssendorf. This is distinguished from automated teller machines ( ATM ) 
although for the purpose of the present invention it is possible that the 
two functions... 

...number (e.g. credit or debit card number) functioning as an 

accountholder (e.g. cardholder) digital signature 80 1. Also shown is 
the preferred method of expressing the encoded formed from the... 

. . .be required to present some form of verifiable personal identification 
(e.g. credit, debit or ATM card, drivers license, passport, social 

security card, bio-metric information, user ID, password, etc.) at... 

debit card number) as a TIN capable of functioning as an accountholder 
(e.g. cardholder) digital signature in which the authenticating 

party is the card issuer or card issuer agent (e.g... 
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Detailed Description 

can be configured, to be tamper resistant and can include the set of 
public and private keys II 2 issued by the activation server I I 0 a 
well as other components... 

...ticket specification designating an associated item ticket 134. The 
license 142 also can include a digital . signature 14 2c, including any 
suitable cryptographic keys, and the like, for unlocking item ticket 134 

[00391... 

...configured to include the capability to verify and validate the 
signature 142c, such as a cryptographic signature or other 
identifying characteristic of the license 142, using any suitable 
mechanisms, algorithms or techniques ... Patent No. 6, 336,971. In an 
exemplary 

embodiment, a digital ticket can include a digital token , and the 
like, possession of which can be a condition for exercising a manner of 
...acceptance areas and ease of use for customers, for example, similar 
to Automated Teller Machine ( ATM ) cards and banks. After honoring the 
item tickets 134, the theater owner, for example, can... 
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Detailed Description 

English Abstract 

. . .manager uses the PIN block and transaction data to send a transaction 
request to the ATM Network. 

French Abstract 

...bloc PIN et les donnees de transaction pour envoyer une demande de 
transaction au reseau ATM . 

Detailed Description 

... in the nature of on-line credit card transactions. 
0 

[00041 On the other hand, ATM or Debit card transactions, where the 
transaction has been verified with a PIN can not... 

. . .the EFT network is governed by rules designed to safeguard the various 
parties in an ATM transaction. In particular, the security of the PIN 5 
is subject to strict controls. Most proposals to introduce the advantages 
of ATM transactions to the on-line environment, however, fail to 
adequately protect the PIN from being. . . 

. . .manager uses the PIN block and transaction data to send a transaction 
request to the ATM Network. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[00081 For a more complete understanding of the present... 

...in association with bank debit cards. Bank debits cards are used at 
automated teller machines ( ATM ) connected to the ATM Network. When 
the customer presents the card to the ATM , the ATM prompts the 
customer to enter a PIN. The customer enters the PIN into the ATM . The 
ATM processes the PIN and data read from the bank debit card to identify 
the customer. . . 

...legitimate owner of the card. The process for PM-based transactions with 
debit cards at ATM is heavily regulated. 

[00141 For purposes of the disclosure, a PIN may be any sequence... 

. . .used to identify, particularly where the identification is part of a 
transaction. Inasmuch as the ATM Network has specific requirements, the 
preferred embodiment is tailored to that use. It will be... 

. . .money is transferred from a customer bank account at a financial 

institution 120 via the ATM network 1 1 8 is selected, the transaction 
is initiated, typically by a transaction initiation. . . 

...00231 The executable code injected into the HSM 1 14 is typically 
authenticated using a digital signature of the executable code 
generated by an authorized publisher. Other authentication methods may be 
used. . . 

...publisher. Authentication of the trusted code and trusted publisher is 
typically achieved using an appropriate digital signature 
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authentication protocol. 

100271 TheHSM114maybeprogrammedtorefusetoloadtrustedcodeduringkeyloading 
processes. The HSM 114 may be programmed to restrict code loading... 

.To make the HSM 114 compliant with X9 requirements, the programmed HSM 
114 requires that private keys and symmetric keys exist inn an 
acceptable secure format. The keys. may be rendered as... 

.typically require a trusted code source and use executable code that is 
authenticated, through a digital certificate , hash, MAC or other 
methodology sufficient to prove the authenticity and integrity of the 
executable . . . 

.1 5 may support both EMV for smart card support, debit cards, credit 
cards, and ATM cards. 

[00361 

TheHSMinterf acellOmaybebothphysicallyandelectronicallysecure, andmay 
contain an integral security module, with an encryption chip, that offers 



. . .by a secure line connection, to a closed network 118 such as the ATM 
Network. This closed network 118 provides communication to one or more 
financial institutions. . . 

...transfer of monies from one account to another is performed by 
communications transmitted through the ATM Network II 8. 

100391 In typical prior art systems, using software-based cryptography, 
all of . . . 

...encrypted data. In addition a duplicated asymmetric private key allows 
an adversary to falsely generate digital signatures that would be 
attributed to the computer owner. A substituted or modified public key 
would. . . 

. . .well as references to the key generation procedural documentation 
including key storage and backup. Asymmetric private keys and 
symmetric keys remain secret and their integrity, authenticity and 
recovery practices may be retained. . . 

. . .request including the PIN block in step 244 and sends the transaction 
request to the ATM Network 1 18. 

The ATM Network 246 or the financial institution 120 authenticates the 
PIN in step 246. The f inancial . . . at function block 354. The transaction 
manager 102 then sends the transaction message to the ATM Network 118 
at function block 356. The ATM Network II 8 sends an authorization 
request to the Financial Institution 120 at function block. . . 



18/3 ,K/7 (Item 4 from file: 349) 

DIALOG (R) File 34 9:PCT FULLTEXT 

(c) 2005 WIPO/Univentio. All rts. reserv. 

01144698 **Image available** 

SECURE SYSTEM FOR DIGITAL SIGNATURES AND METHODS FOR USE THEREOF 
SYSTEME SECURISE POUR SIGNATURES NUMERIQUES ET PROCEDE D 1 UTILISATION 

Patent Applicant /Assignee : 

INLET IP HOLDINGS LLC, P.O. Box 1383, Marlton, NJ 08053-6383, US, US 
(Residence), US (Nationality), (For all designated states except: US) 



Sylvia Keys 



15-Jun-05 03:45 PM 



1' 



Patent Applicant/Inventor: 

FRIEND Jeffrey Edward, 715 Kettle Run Road, Marlton, NJ 08053, US, US 
(Residence), US (Nationality), (Designated only for: US) 
Legal Representative: 

DALEY William J Jr (agent), Edwards & Angell, LLP, P.O. Box 9169, Boston, 
MA 02209, US, 

Patent and Priority Information (Country, Number, Date) : 

Patent: WO 200466109 A2-A3 20040805 (WO 0466109) 

Application: WO 2004US685 20040112 (PCT/WO US04000685) 

Priority Application: US 2003442445 20030116; US 2003440989 20030119; US 
2003441529 20030121; US 2003442444 20030125; US 2003478985 20030614; US 
2003504913 20030922 
Designated States: 

(All protection types applied unless otherwise stated - for applications 
2004+) 

AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM 
DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC 
LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO 
RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW 
(EP) AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE 
SI SK TR 

(OA) BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG 

(AP) BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language :■ English 
Filing Language: English 
Fulltext Word Count: 13958 

SECURE SYSTEM FOR DIGITAL SIGNATURES AND METHODS FOR USE THEREOF 

Main International Patent Class: G06F-017/60 
Fulltext Availability: 
Detailed Description 

English Abstract 

Featured are systems and methods for creating digital signatures . 
More particularly, there is featured a method for facilitating online 
commerce including issuing an electronic... 

Detailed Description 

SECURE SYSTEM FOR DIGITAL SIGNATURES 

AND METHODS FOR USE THEREOF 

This application claims as priority U.S. Provisional Patent Applications 
60/415991 filed 10/5/02 entitled "System and Method for Creating and 
Processing Digital Signatures Using Intelligent Authorization, " 
60/439577 filed 1/1 1/03 entitled 
"Secure System for Processing... 

...Method for Use Thereof , " 

60/478985 filed 6/14/03 entitled "Secure System for Processing Digital 
Signatures and Method for Use Thereof," 60/492774 filed 8/04/03 entitled 
"Secure System for Processing Digital Signatures Using Clock Signal 
Activation and Private Key Transfer," 60/499761 filed 9/02/03 entitled 
"Secure System for Processing Digital Signatures Using Clock Signal 
Activation and Secret Key Transfer," and 60/ filed 9/04/03 entitled 
"Secure System for Processing Digital Signatures Using Clock Signal 
Activation and Secret Key Transfer, " and 60/ filed 9/25/03 entitled 
"Secure 

System for Processing Digital Signatures and Method for Use Thereof." 
FIELD OF INVENTION 

A system and method for creating and processing digital signatures . 
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Method Of Digital Certificate (DC) Composition, Issuance And 
Management Providing Multitier DC Distribution Model And Multiple 
Accounts Access Based. 

...available. Secure communications between parties may then be enabled by 
using the parties ' public and private keys . 

The use of public key cryptography addresses many of the inherent 
security problems in an. . . 

...these two problems. In one common approach, the public key management 
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infrastructure is based on digital certificates , which are used to 
associate a certain public key to a certain entity with some degree of 
integrity. 

The public key management infrastructure typically would include a 
database of digital certificates , and various operations are provided 
in order to access and maintain this database. 

For example, requests for new digital certificates are processed, 
digital certificates are revoked, and the status of existing digital 
certificates is designated and checked. 

The closest art known is as follows. 



US Patent 6, 151 . . . 



. . FONIA and unified communication and messaging. 

US Patent 6,324,645, Verisign discloses use of digital certificates , 
but does not detail the use of certificates for web-enabled devices; 
secure purchase and. . . 

. .Another particularly advantageous embodiment of the invention provides a 
method which includes issuing a temporary Digital Certificates 
containing UTA for use in at least one Temporary Target (TT) , the TT 
serving as . . . 

..line audio and video streams; and each Target issuing new pair of 
shorter public and private keys , storing the private key in an 
internal memory of the Target, the private key being... data provided by 
third parties such as Microsoft Passport or Verisign certificates etc. 

CA (Switch) Digital Certificate (preferably includes all PNF fields 
with permanent 
values) 

Authorized privileges for Public key cryptography (preferably... 

..key encryption infrastructure (PKI) and procedures, it can generate 
Certificate Signature Request (CSR) , Public and Private keys , search, 
retrieve, receive and store Digital Certificate issued by 
Certification Authority (CA) . It can also operate within PKI operating as 
Mover or. . . 

..key encryption infrastructure (PKI) and procedures, it can generate 
Certificate Signature Request (CSR) , Public and Private keys , search, 
retrieve, receive and store Digital Certificate issues by 
Certification Authority (CA) . It can also operate within PKI operating as 
Mover or. . . 

..data management engine at SA site. 

Certification Authority. CA is an central PKI authority, providing 
Digital Certificates for UTA Number Files and related SSL services. 
The CA is preferably the SA. 



Switch. . . 



. Kerberos (hqp : Hwww . iet f . orglhtml . chart ers/kib-wg-charter . html ) ; 

Cryptographic Message Syntax (CMS); 

other 

Digital certificates , encryption issues: Internet X.509 certificates 
PKI can be used in conjunction with IETF "Use... 



Sylvia Keys 



15-Jun-05 03:53 PM 



While various implementations of methods of Digital Certificate (DC) 
composition, issuance and management providing multitier DC distribution 
model and multiple accounts access based. . . 

Claim 

comprising said payee network identifier and said DCF network 
identifier is 
93 

obtained from a digital certificate of the, said digital 
certificate being a source of trusted mapping information for deployment 
of a resolution database. 

7 The. . . 

...resolution fee schedules. 
95 

. The transactional communication method as claimed in claim 1, wherein a 
Digital Certificate (DC) comprising at least network identifier and 
its Default Clearing Facility network identifier of a... 
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can be configured to be tamper resistant and can include the set of 
public and private keys 1 12 issued by the activation server I 1 0 as 
well as other components... 

...ticket specification designating an associated item ticket 134. The 
license 142 also can include a digital signature 142c, including any 
suitable cryptographic keys, and the like, for unlocking item ticket 134. 

[00391. . . 

...configured to include the capability to verify and validate the 
signature 14 2c, such as a cryptographic signature or other 
identifying characteristic of the license 142, using any suitable 
mechanisms, algorithms or techniques ... Patent No. 6, 336, 971. In an 
exemplary 

embodiment, a digital ticket can include a digital token , and the 
like, possession of which can be* a condition for exercising a manner of 
...acceptance areas and ease of use for customers, for example, similar 
to Automated Teller Machine ( ATM ) cards and banks. After honoring the 
item tickets 134, the theater owner, for example, can... 
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. . . points in each account. 

It would be updated once it accessed a POS, card reader, ATM or other 
transaction processor that was Clearinghouse network enabled. 

Rules based programming interfaces would allow... in live use. The Gateway 
Service will enroll a settlement points network certificate authority for 

digital certificates and digital encryption. These will be used for 
establishing mutually authenticated and secure communications sessions 
and for adding digital signatures to messages and files sent to the 
Clearinghouse. A Certificate authority houses the private and... 

. . .with multiple levels of protection such that no single individual can 
gain access to the private keys . The certificate authority will also 
maintain a certificate revocation list containing any previous 
certificates that... 
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Claims 
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... available. Secure communications between parties may then be enabled 
by using the parties ' public and private keys . 

The use of public key cryptography addresses many of the inherent 
security problems in an... these two problems. In one common approach, the 
public key management infrastructure is based on digital certificates 
, which are used to associate a certain public key to a certain entity 
with some degree of integrity. The public key management infrastructure 
typically would include a database of digital certificates / and 
various operations are provided in order to access and maintain this 
database. For example, requests for new digital certificates are 
processed, digital certificates are revoked, and the status of 
existing digital certificates is designated and checked. 

The closest art known is as follows. 

US Patent 6, 151. . . 

. . . FOMA and unified communication and messaging. 

US Patent 6,324,645, Verisign discloses use of digital certificates , 
but does not detail the use of certificates for web-enabled devices; 
secure purchase and. . .Another particularly advantageous embodiment of the 
invention provides a method which includes issuing a temporary Digital 
Certificates containing UTA for use in at least one Temporary Target 
(TT) , the TT serving as... line audio and video streams; and each Target 
issuing new pair of shorter public and private keys , storing the 
private key in an internal memory of the Target, the private key being. . . 
data provided by third parties such as Microsoft Passport or Verisign 
certificates etc. 

CA (Switch) Digital Certificate (preferably includes all PNF fields 
with permanent 
values) 

Authorized privileges for Public key cryptography (pref erably . . . key 
encryption infrastructure (PKI) and procedures, it can generate 
Certificate Signature Request (CSR) , Public and Private keys , search, 
retrieve, receive and store Digital Certificate issued by 
Certification Authority (CA) . 

It can also operate within PIU operating as Mover or . . . key encryption 
infrastructure (PKI) and procedures, it can generate Certificate 
Signature Request (CSR), Public and Private keys , search, retrieve, 
receive and store Digital Certificate issues by Certification 
Authority (CA) . 

It can also operate within PKI operating as Mover or. . . 
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engine. The authentication engine authenticates the service provider 
through whom the request is sent, using digital signatures , shared 
secrets, IP addressing, or. other techniques 

known in the art. Associated with a user . . . evault so as to obtain user 
specific information or otherwise, on the basis of traditional digital 
signatures or other methods as will be apparent to those skilled in the 
art. Following a ... automatic voice recognition system, Web interface, 
e-mail, mobile, frontdesk, point-of-sale, and kiosk/ ATM . A voice 
communications device, such as a traditional telephone, a mobile phone, 
or a PC... used to effect payments and gather loyalty points using a 
biometric. A biometricallyenabled kiosk or ATM is a self-service 
interface for ...authentication engine, while the e-vault will 
authenticate to the 

SP using a public-key digital signature . The SP authentication- need 
not 

involve the authentication engine. Effectively the e-vault data is... 
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Notation 

The notation PKx and SKx are used to represent an entity Vs public and 
private keys respectively, using a public key algorithm. JMjPKx is 
used to 

represent encryption of a message. . . 

...encryption using Xs private key. Encryption with a private 

key is assumed to produce a digital signature , such as with the RSA 
algorithm. However any public-key cryptosystem, , capable of providing 

digital signatures may be used. In the actual f inplementation, for 
efficiency purposes, a hash of the message is signed, rather than the 
full message, to produce the digital signature , although this is not 
shown here. The notation 1 5 H(X) is used to... be that customer. This is 
because the system does not provide a non-repudiable customer digital 

signature , but only a customer authentication. 

To prevent an attack by an entity that has obtained ... this is not 
required SSL or IP 1 Sec alone could be used, without need for digital 
signatures . 

User approved information can be passed from their e-vault to 1 specific 
SPs. 

The inf ormation . . . to a cross-marketing offer. 

The following are important aspects of privacy in interactions. 

1. Digital signatures for non-repudiation of message sender 

2. Public-key encryption of template to minimize accessibility... 
transport or network layer 

respectively. This prevents network eavesdroppers from seeing any of the 
communications. 

Digital signatures . 

A digital signature , [XISKspi, is used to show that the message X 
came from SP1 and this ...to the customer, as part of the SSL set-up 
protocol, using an SP SSL digital certificate . 

Although described with reference to SSL it will ...an XML 
document, and follows the secure application protocol specified earlier. 
Each encrypted block or digital signature , forms a different 
sub-element of the 

overall XML message. For example, the encrypted biometric template forms 
one block component. The World Wide Web Consortium (W3C) XML digital 
signature specification and XML encryption recommendation are followed 

in a preferred implementation. 

The type and content... 

...security may be relaxed. 

This can be done by using lightweight cryptography instead of full 
digital signatures and ...of both (multi-modal), 

through an authentication engine. Traditional mechanisms such as PINs, 
passwords, public/ private keys , and hardware tokens may also be used 
with the authentication engine, in combination with biometrics... 

Claim 

user through an authentication engine, 
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the network is adapted to enable the construction of user digital 

signature using the document hash and a server-stored user signing 
key. 
I 0 



22 The. . . 
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... to confirm the identity of the 

business, and be able to attach a legal trail ( digital 

signature ) to those identities. Furthermore, financial and 
insurance service providers will require positive confirmation 
of a... such as a bid, offer, Web site or page, or or RFP via 
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a cryptographic digital signing process. 



Digital signatures are only as worthwhile as the level of 
authentication that occurs when a signature key. . . 

.multiple layers of identity 
confirmation data compilation. 

Figure 5 depicts a block diagram showing the digital 
signing process according to the present invention. 

Figure 6 depicts a block diagram showing the credential local area 
network ("LAN"), a wide area 

network ("WAN"), a wireless (e.g., ATM ) network, a logical 
network within a single computer, some other form of 
programmatic communication such. . . 
.contemplated that the 

invention can be implemented utilizing the same functions, 
processes, and data without digital signing . 

The components include. 

The Trust Warehouse: A comprehensive database of 
corporate profiles containing a combination. . . 

. the data . 

12 

TrustWatch: A downloadable client program that can be 

enabled to hold the private keys of business representatives, 

displays True Credentials, detects embedded XML signed 

content, detects XML signature requests ... setup 

and manage representatives of the business. At enrollment the 

Trust Administrator is issued a digital certificate that is 

used to gain access to the Administrative section. Each 

representative is issued a key pair/ digital certificate for 

digital signing . 
True Record: A highly secure storage location for 
digital receipts (Digital Receipt Vault) and a... 

.subset of the True Credential 
information 

With True Identity for electronic marketplaces TrustWatch 
offers secure digital signing of buyer and seller commitments, 
local storage of these digitally signed documents, 
verification of digitally. . . 

. optionally) , 

and finally transmits the signed offer to the electronic 
marketplace. See Figure 5 

Viewing digital signatures and their corresponding True 
Credentials is a similar process. The electronic marketplace 
transmits the signed. . . 

.the True Credential of the 

signer's' company The Trust identifier is stored in the digital 
certificate of the signer to facilitate requesting the 

TrueCredential of the signer. The process of verifying a 
digital signature is essentially the reverse of the original 

signing. A hash of the document that has been signed is 
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compared to the decrypted hash in the digital signature . The 

digital signature is decrypted using the signer's ...the method of 
the present invention the public key is 

available via the signer's digital certificate which is 
referenced by and XML tag within the signature. See Figure 6, 
TrustWatch displaying... 

...keystore, and sends the public key up 

to Trust Authority to be bundled into a digital certificate . A 
key pair is, the private and public key, used for digital 

signing and access to secure web pages. This is a Public Key 
Infrastructure (PKI) term. A digital certificate is a wrapper 
around a public key that has been digitally signed by a 
Certificate . . . 

. . .within 24 

hours, giving him/her information on how and where to pick up 
their digital certificate . 

Based on the information provided initially by the Trust 
Administrator, the Trust Authority routes a. . . 
...terminology, a Registration authority has the 

right to do the registration aspects of issuing a digital 

certificate under strict guidelines for a Certificate 
Authority by having a registration switch the Trust Authority. . . 

. . .Administrator is authenticated he/she is 

emailed a unique URL to pick up his/her digital certificate 

The Trust Administrator goes to the site and downloads the 
certificate to a keystore on. . . 

. . . set up 

participants (or other Trust Administrators) quickly and 
easily 

Setting up Participants 

Using the digital certificate received in the process 
described above the Trust Administrator can now set' up 
participants. This... 

...This happens as a continuous process 

with the result being a private key and a digital certificate 
for the participant stored in the participants local keystore. 
Once this has occurred the participant ... to dispute 
resolution services based on a True Record. 

1 5 

Whenever a Trust Authority digital signature is created or 
encountered by a TrustWatch user there is an option of 
transmitting this... 
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Detailed Description 

Claims 

English Abstract 

An automated transaction machine such as an ATM (10) is provided. The 
ATM isoperative to digitally sign electronic documents (42) . The ATM 
may be in operative connectionwith a storage server (32) . The storage 
server is operative responsive to the ATM to maintainelectronic 
documents (42) in a data store (34) in association with the. user's. . . 

...user in association with theuser's digital safe deposit account and/or 
financial account. The ATM is operative to causeelectronic documents to 
be signed using the private key associated with the user. The ATM 
isfurther operative to output the electronic document on a display device 
(18) of the ATM wherethe user may view and edit the electronic 
document . 

Detailed Description 

AUTOMATED TRANSACTION MACHINE 

DIGITAL SIGNATURE SYSTEM AND METHOD 
TECHNICAL FIELD 

This invention relates to automated transaction machines. Specifically 
this invention. . . 

. . .When signing all electronic docuinent an individual' uses a secret 
private key to generate a digital signature for the electronic 
document. Such a private key is generally associated with a public key. 
Another party may use the public key to authenticate the electronic 
document and digital signature . 

Such public keys are often distributed as part of a digital 
certificate which is digitally signed by a trusted third party 
certificate authori ty. 

Although the digital certificate and public key may be publicly 
disclosed to the world, the private key must remain. . . 
...encryption software, many individuals do not have the technical skill to 
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successfully install and use digital signature programs on their 
personal 

computers. Consequently there exists a need for a system and method... 

. . .digitally signing electronic documents which can be easily employed by 
individuals . 

In general, when a digital signature program belongs to a person 
using 

the program, that person may have reasonable assurance that... 

...0 the electronic document that was read and reviewed by the person. 

Unfortunately, if the digital signing program belongs to an untrusted 
party, the individual has very little assurance that a private... 

...result there exists a need for a system and method of protecting the 
confidentiality of private keys used to digitally sign electronic 
documents . 

There also exists a need to provide a system. . . 
...of the present invention to 

provide a system and method of protecting the confidentiality of private 
keys used to digitally sign electronic documents. 

It is a farther object of an exemplary form. . . 

...system and method of digitally signing electronic documents which 
provides finther assurance to individuals that digital signing of 
electronic documents is a safe substitute for signing paper documents. 

Further objects of exemplary. . . 

. . .may be used by individuals or users with exemplary embodiments includes 
an automated teller machine (" ATM ") . 

ATMs enable customers to carry out banking transactions. Common banking 
transactions that may be carried. .. stamps, money orders, scrip or 
travelers checks. For purposes of this disclosure references to an ATM , 
an 

automated transaction machine, or an automated banking machine shall" 
encompass any device which carries out transactions including transfers 
of value. 

An exemplary embodiment of the ATM may include at least one 

output device such as a display screen, audio system, and printer. The 

ATM may also include at least one input device such as a touch screen, 

function 

keys, keypad, keyboard, and/or card reader. The ATM may ftirther 
include 

devices such as a dispenser mechanism for sheets of currency, a receipt 



.that are used by the machine in carrying out transactions including 
transfers of value. 

The ATM may include or be in operative comiection with at least one 
computer. The computer may. . . 

.amount of file storage space maintained by a storage server in operative 
connection with' the ATM . 
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Claims 

English Abstract 

...120). The advantages of this method and system includes decreasing the 
need for issuance of digital certificates , maintenance of customer 
loyalty reward programs, ability to use on-line purchasing sites that 
require . . . 

Detailed Description 

encryption of the credit card data before it travels over the Internet 
and the use digital certificates to identify the consumer. However, 
encryption algorithms may be broken. Digital certificates often 
require a large certificate hierarchy and add complexity to the 
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transaction. An additional risk... a username, a password, a pass phrase, 
a personal identification number; a digitally signed message, digital 
certificates , a cryptogram, smart card-originated authentication 
information, an electronic address of the cardholder's processor ... to the 
merchant and consumer. In addition, the present invention does not 
require issuance of digital certificates to cardholders, thereby 
eliminating the need for a large certificate hierarchy. However, if such 
digital certificates or other cardholder authentication mechanisms 
such as "smart cards" are desired by the issuing bank... any type of 
payment card such as a credit card, checking card, debit card, or 
automatic teller machine ( ATM ) card. In addition, the payment card 
can be either virtual, or physical. The term virtual ... issuing bank 
during the purchase transaction. 

One method involves the use of public key cryptography, digital 
signatures , and digital certificates . For example, during the 
registration process, software on the cardholder computer would generate 
a pair of mathematically-related keys known as public and private keys 
. The public key is transmitted along with one-time authentication 
information to a third party. . . 

...signs the key and sends it to the cardholder software in the form of a 
digital certificate . 

Typically, the password comprises a series of alphanumeric 
characters optionally supplemented by non-alphanumeric characters... 

. . .password, the 
22 

username of the cardholder, the secret PIN, a digitally signed message 
with digital certificates , a serial number of the cardholder's CPU 
processor, a serial number associated with the... key shared between the 
merchant and the issuing bank, or digitally signed messages supported by 
digital certificates that are signed by a third party. 

33 

Presently, there is no mechanism in the... 
Claim 

one of a username, a secret personal identification number, a 
password, a digitally signed message, digital certificates , a 
cryptogram, an electronic address of the cardholder, a serial number of 
the cardholder computer... 

...a username; a password, a pass phrase; a personal identification number; 
a digitally signed message; digital certificates ; a 
59 

cryptogram; smart card-originated authentication information; an 
electronic 

address of the cardholder's... 
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Detailed Description 

Detailed Description 

... and any electronic signature (s) applied thereto, including determining 
that such records and any associated digital signatures have not been 
altered, and more specifically, for providing a distributed method and 
system for... the use of many prior-art one-way hash functions, often 
dealing with PKI and digital signature applications . 
One exemplary commercial endeavor that uses one-way hash functions 
includes Tripwire, commercialized by. . . 

. . . adoption. 

5 

Other prior art approaches rely upon encryption and cryptography to 
provide so-called digital signatures in " an attempt to authenticate 
identity of a document originator and provide some assurance as... 

...intentionally or otherwise), any information encrypted with that key may 
also be compromised. Further, the secret keys must somehow be 
communicated to all intended recipients, but not to others, in a secure 
fashion. Managing distribution of these secret keys to a large number 
of recipients, and ensuring that the keys remain secret over any. . . 

. . .public keys to other parties and require all parties to maintain 
absolute confidentiality of their private keys . 

Thus, symmetric and asymmetric cryptography each rely upon maintaining 
the absolute confidentiality of the secret... 
...party, it would be nearly impossible to distinguish between authorized 
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and unauthorized users of the Private keys are typically stored and 
thus may be vulnerable to compromise from other parties. The level... 

...to circumvent protection afforded by passwords, and thus improperly gain 
direct assess to the underlying private keys . As computer processing 
power continues to increase exponentially, it is becoming increasingly 
possible to utilize... 

. ..1 5 complicated devices (e.g., biometrics, tokens, etc.), the overall 
security afforded to these private keys can be no greater than the 
security afforded by the passwords protecting these keys. 

Thus authentication. However, formidable challenges remain that impede 
widespread use of PKI, including access controls on private keys , 
poor interoperability, limited operational experience, high 
implementation costs, lack of well-defined and enforced security. . . 

...a. given entity, and will distribute such assertion in the form of a 
so-called digital certificate that can be used to encrypt documents 
and affix digital signatures to such documents. Thus if a user has 
sufficient trust in these assertions, there would... UID and, then or 
later, one or more coupons 300, in the fashion of an ATM for example. 

A coupon will have been obtained for registration use with a given 
cluster .. .might be employed, including the use of HTTP authentication, 
i.e. RFC-2 617, client-side digital certificates , etc. 

With or without being required to authenticate the identity of a 
user-registrant, upon,..15B. 

In applicant's first invention, system 21 0 created digital fingerprint 
(DFP 120) and digital certificate (400) information from the digital 
file (DF 1 0), and promulgated this information to multiple... 
confidential information may include a password, actual or perhaps 
biometric, media information such as an ATM card, an identification 
card, etc. 

DFP 120 is preferably generated by client system 252 and... of record 
(SOR) 246-A, 246-13, and promulgate a copy of the testimonial and 
digital signature inf ormation690f orarchiving . 
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Detailed Description 

enterprise representative, a non-financial data repository account, a 
telephone number, a mailing address, a digital certificate , a network 
credential, an Internet protocol address, a digital signature , an 
encryption key, and an instant messaging address. 

The method optionally includes a third-party. . . 
...services; electronic data utilization patterns; employee status; job 
title; data on user behavior patterns; a digital certificate ; a 
network i o credential; an Internet protocol address; a digital 
signature ; an encryption key; an instant messaging address; 
user-customized medical records; an electronic audio signature... 

...physical device. User-customized processing of electronic data comprises 
invoking any of the following: a digital certificate , an identity 
scrambler, a database authorization field, an electronic consumer loyalty 
or consumer rewards incentive ... wide area network, a cable network, a 
wireless network, a telephone network, the Internet, an ATM network, or 
an X 

The device optionally includes enterprise registration identity data 
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comprising any of digital certificate , a network credential, an 
Internet protocol address, a digital signature , an encryption key, 
and an instant messaging address. 

The device optionally includes a third-party. . . 

...services; electronic data utilization patterns; employee status; job 
title; data on user behavior patterns; a digital certificate ; a 
network credential; an Internet protocol address; a digital signature 
; an encryption key; an instant messaging address; user-customized 
medical records; an electronic audio signature... 

...includes user-customized processing of electronic data further comprises 
invoking any of the following: a digital certificate , an identity 
scrambler, a database authorization field, an electronic consuiner 
loyalty or consumer rewards incentive... 

...network, a wireless digital network, a telephone 

network, a wide area network, the Internet, an ATM network, and an X.25 
connection. 

The device also includes a master electronic identicator ffirther...a 
thin-client, or other public terminal or kiosk such as an Automated 
Teller Machine ( ATM ) . In a preferred embodiment, the user is identified 
through biometrics while enterprise, or third-party... 

...which are accessed to complete the electronic communication, are 

identified through the verification of a digital certificate issued 

by an authorized certifying authority. It is 

also 

In one embodiment, execution of a... 
...for access to stored database content, an electronic request to 

digitally sign data using a digital certificate , or an electronic 
request to present or display data in a customized f orniat . In sum... is 
preferably located securely inside the BIA. 

Communication security is provided by encryption using unique secret 
keys known only to that specific BIA 16 and the DPC 10, and the DES 
encryption. .. a user's registration with the DPC. Optionally, the BIA 16 
also validates public key digital certificates . 

In one embodiment, public keys of a particular certifying authority are 
initially stored in the... 

...network, a wireless digital 

network,, a telephone network, a wide area network, the Internet, an ATM 
network, and an X.25 connection. In particular, the Internet is made up 
of large ... third-party is an entity or enterprise, such as a corporation, 
it can register a digital certificate with the Master Identicator 12. 
Third-party digital certificates are available from certifying 
authorities, and they provide the assurance that the entity with the. . . 

...the BIA 16 device records. 

Preferably, . the security surrounding the registration of an entity's 
digital certificates or of the BIA hardware identification codes with 
the Master Identicator 12 is extremely strong... 12 using 2o any of the • 
following electronic verification: a third-party ID Code, a digital 
certificate , an Internet protocol ("IP") address, a biometric, a 
hardware identification number, or any other code... 
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network, and an X.25 connection. 



58 The device of claim 32 wherein the master. . . 
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PERSON-CENTRIC ACCOUNT-BASED DIGITAL SIGNATURE SYSTEM 

1. Cross Reference to Related Applications 

This patent application claims priority in the United. . . 

...U.S. Patent & Trademark Office and bearing serial number serial 
number 09/-, 

(entitled "Account-Based Digital Signature (ABDS) System"); serial 
number 
PCT/US 
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/ 

(entitled "Entity Authentication in Electronic Communications by 
Providing 

Verification Status of Device") and serial number 09/-, 

(entitled "Modifying Message Data 
and Generating Random Number Digital Signature Within Computer Chip") 
collectively referred 

to hereinafter as the "VS Applications"; serial number PCT/US... 

...Device to Information During Manufacture") and serial number 09/ 
(entitled 

"Manufacturing Unique Devices That Generate Digital Signatures "); and 

serial number 

PCT/US 

/ 

(entitled "Trusted Authentication Digital Signature (TADS) System") . 

II. Field of the Present Invention 

The present invention relates to an improved. . . 

...a legal action, such as the delivery of an executed contra 1 ct . 

Qver recent years, digital signatures also have become an important 
part of e-commerce . ^ 

The origination of a digital signature generally comprises: (1) the 
calculation of a message digest-such as a hash value; and. . . 

...a publicprivate key pair used in asymmetric cryptography. The resulting 
ciphertext itself usually constitutes the digital signature. , which 
typically is appended to the message to fonn the EC. The second part of 
originating the digital signature -encrypting with a private key-is 
referred to herein as "generating" the digital signature , and the 
combined two steps (i.e., calculating a message digest and encrypting 
with a private key) is referred to herein as "originating" the digital 
signature . Furthermore, while the generation of the digital signature 
is conventionally understood as the encryption of the message digest, it 
is contemplated herein that generating the digital signature also may 
include simply encrypting the message rather than the message digest. 
Digital signatures are important because any change whatsoever to the 
message in an EC is detectable from an analysis of the message and the 
digital signature . In this regard, the digital signature is used 
to "authenticate" a message contained within the EC (hereinafter referred 
to as "Message. 

...with the resulting hash value then being transmitted to the device for 
generation of the digital signature . In order to perform the Message 
Authentication in this example, the recipient of the EC... 

...algorithm to the message to calculate a hash value, and the recipient 
decrypts is the digital signature using the public key. If the hash 
value calculated by the recipient equals the hash value of^the decrypted 
digital signature , then the recipient determines that the content of 
the message contained in the EC was... 

...the owner of the private key. 

This, trusted information conventionally is provided based on a digital 

certificate issued by a trusted third party that accompanies the 
digital signature and binds the identity (or other attributes) of the 
private key owner with the public key. A digital certificate (also 
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known as a "digital ID") is a voucher by a third party (commonly referred 

...attesting to the identity (or other attributes) of an owner of a public 
key. Essentially, digital certificates are the electronic 
counterparts to driver licenses, passports, membership cards, and other 
paper-based forms of identification. The digital certificate itself 
comprises an electronic message including a public key and the identity 
of the owner of the public key. A digital certificate also typically 
contains an expiration date for the public key, the name of the 
Certification Authority, a serial number of the digital certificate , 
and a digital signature of the Certification Authority. One of the 
reasons for an expiration date is to limit... 

...attributes other than the identity may change over time. The most widely 
accepted format for digital certificates is defined by the CCITT 
X.509 international standard; thus, certificates can be read or written 
by any application complying with X Based on a digital certificate 
included in an EC, a recipient is able to authenticate the digital 
certificate using a public key of the Certification Authority and 
thereby, presumably, confirm the identity of the owner set forth therein. 

The system wherein a digital certificate is included in an EC 
comprises a "public key infrastructure" (PKI) commonly referred to as the 
"Certification Authority Digital Signature " (CADS) system. A 
particular implementati on 100 of the CADS system in the context of an. . . 

...the name on the card. Software on the purchaser's computer 104 then 

originates a digital signature for the message using a private key of 
the purchaser 102 safeguarded in the computer 104. The i5 software also 
maintains a digital certificate on the computer 104 issued by a 
Certification Authority 10 6a. The message, digital signature , and 
digital certificate then are combined into an EC, and the EC is 
communicated over the Internet 108... 

. . .0. 

Upon receipt, the merchant 110 authenticates the message using the public 
key in the digital certificate . If successful, the merchant 110 then 
authenticates the digital certificate using a public key of the 
Certification Authority 106a. Successful authentication of the digital 
certificate may satisfy the merchant 110 that the purchaser-the sender 
of the EC-is the owner identified in the digital certificate . If the 
merchant 110 is s.o satisfied, then the merchant 110 submits the account 
information. . . 

...knowing the other's identity, the CADS system does have its drawbacks. 
For example, a digital certificate typically is. issued with an 
expiration date, and an expired digital certificate generally is not 
recognized in the industry. Furthermore, if a private key is lost or... 

...owner of the private key must notify the Certification Authority to 

revoke the owner's digital certificate ; however, a recipient of an EC 
with a digital certificate will only know of the revocation of the 3s 

digital certificate if the recipient cross-references the serial 
number of the digital certificate against a certificate revocation 
list (CRL) published by the Certification Authority. Another drawback to 
the CADS system is that the digital certificate .itself is only as 
good as the particular authority that issues it, and it often is 
necessary to obtain multiple digital certificates (i.e., from 
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Certificate Authorities 106a, 106b to 106n) in order to create a 
sufficient . . . 

..system rests upon the secrecy of the private key of the Certification 
Authority issuing a digital certificate , which, if compromised, 
collapses the CADS system. 

In the context of an EC regarding an. . . 

..fraudulent charges to the account of the purchaser, especially as not 
all merchants require a digital signature and digital certificate 
to fill a purchase order. Moreover, financial institutions have yet to 
standardize a requirement that a digital certificate of a purchaser 
be submitted as a condition precedent to approving a payment request by 

..by the merchant, and whether the account information has been reported 
lost or stolen. 

Further, digital certificates raise significant privacy issues in 
many circumstances. 

Accordingly, a need exists for an improved system of communication using 

digital signatures , especially wherein an EC pertains to an account 

upon which the person (or device) digitally... 

..a public key of a public-private key pair with the unique identifier, 

generating a digital signature for an electronic message using a 

private key of the public-private key pair, the such as a public key of a 
user device that generates digital signatures , and third-party 

account identifiers each of which identifies to a third-party an account 

. .method of managing a database for identification of security features of 
a device that generates digital signatures , and includes the steps of 
recording in the database for each of a plurality of . . . 

..security features from the database to a recipient of an electronic 
message for which a digital signature was originated utilizing a 
private key of the public-private key pair of a particular... 

..references refer to like elements, and wherein. 

Fig.l illustrates a prior art Certification Authority Digital 
Certificate (CADS) system; Fig. 2 illustrates a preferred Account-based 
Digital Signature (ABDS) system in 

accordance with a first aspect of the present invention; 

Fig. 2a illustrates ... present invention broadly comprises the association 
of a public key of a device that originates digital signatures using 
asymmetric cryptography to other inforination in an account database 
record, hi general, a method. . . 

..includes applying dynamic risk analysis to a specific message to gauge 
the risk that the digital signature for the message was fraudulently 
originated and, thus, to determine whether or not to perform... 

..account holder" is generally any person possessing a device that is 
capable of generating a digital signature using a private key 
retained therein; the private key corresponding with a public key 
associated. . . 

..some embodiments, the "account holder" is, itself, a device that is 
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capable of generating a digital signature using a private key 
retained therein; the private key corresponding with a public key 
associated. . . 

...invention, general and specific implementations of two-party, 
three-party, and multiple-party Account-based Digital Signature 
(ABDS) systems now will be described in greater detail. 
1 . Account-based Digital Signature (ABDS) Systems 
a. General' 2-Pgrt 
y ABDS Systems 

Fig. 2 illustrates a preferred Account-based Digital Signature (ABDS) 
system 200 in accordance with a first aspect of the present invention. 
Specifically, Fig. . . 

...instruction (il) for the account authority 212 to perform in relation to 
the account. The digital signature of the message also preferably 
includes a unique ...session key, such as, for example, a date and time 
stamp, so that no two digital signatures originated by the device 250 
would ever be identical (and also so that any duplicate digital 
signature received by the account authority 212 could be identified as 
such and disregarded) . 

Using the . . . 

. . .not perform any action on the account of the account holder 202 without 
a valid digital signature originated by the device 250 (or, 
alternatively, without the actual, physical presence of the account... 
from the two-party ABDS system 200 .(from Fig. 2) in that the message and 
digital signature from the account holder 302 to the account authority 
312 is communicated first to the... 

...means of an EC 305. The intermediate .party 310 then forwards the same 
message and digital signature in another EC 315 to the account 
authority 312. 

An instruction (i2) is communicated from. . . 

...the account authority 312 to approve or reject the message. As shown, 
the message and digital signature in EC 315 are the same as the 
message and digital signature in EC 305. 

Upon receipt of the EC 315, the account authority 312 attempts to... 
Documents") . 

Preferably, the device is capable of receiving an electronic message and 
then originating a digital signature for the electronic message 
utilizing the private key stored therein. The device preferably also 
performs ... 

...of the devices require use of an I/O support element to transmit 

information, including digital signatures and messages to recipients 
of the ECs. Some of the devices are self-contained, which means that they 
can generate and transmit messages, digital signatures , and other 
information without the use of external apparatuses; some devices, 
although self-contained, are of the device (other than for the purpose of 
generating a digital signature internally within the device) . 
Furthermore, the device preferably includes the following additional 
characteristics: it is... 

...i.e., physical tampering or intrusion of the device should destroy the 
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f inictionality of the digital signature component of the device 
and/or erase the private key); the device maintains the private... 

...the device allows export of the public key when necessary. 

Furthermore, the device preferably originates digital signatures in 
accordance with an elliptical curve digital signature algorithm 
(ECDSA) as specified in Federal Information Processing Standards 
Publication 18 6-2, Digital Signature Standard, US DOC/NBS, January 1 
1, 1994 (hereinafter / TIPS PUB 186-2"), which is incorporated herein by 
reference. Accordingly, the device originates digital signatures 
using a random number generator, and the hash function is lo performed 
using the secure... 
...the device and must be input into the device before it will operate to 
generate digital signatures . Alternatively, but also conventionally, 
the Secret is shared with the recipient 2o beforehand and, when. , . 

...an account holder to an account authority preferably includes both a 
message (M) and a digital signature of the message (DS(M)). The 
message preferably includes the unique account identifier (acctID) and. . . 
message and, corresponding, intended for the account authority to act in 
reliance thereupon. Since a digital signature is capable of being 
generated by a device, potentially without the desire or even 3o... 

...or user of the device, intent cannot be presumed from the mere receipt 
of a digital signature from a device of the account holder. For this 
reason, some means of confirming the... 75, the account holder 7502 
transmits an EC, which contains a message (.N41) and a digital 
signature for the message (DS(M1)). In this interchange, the account 
holder 7502 provides sufficient proof. . . 

...75, the account holder 7502 transmits an EC, which contains a message 
(M2) and a digital signature for the message (DS(M2)). In this 
interchange, the account authority 7512 is not satisfied. . . 

...that the account holder 7502 send a new EC with the same message (M2) 
and digital signature therefor (DS(M2)) but with the additional 
performance of Factor B or C Entity Authentication... 

...75, the account holder 7502 transmits an EC, which contains a message 
(.N43) and a digital signature therefor (DS(M3)). hi this 
interchange, the account authority 7512 is not satisfied that it... 

...the account holder 7502; EC 3B contains a proposed new message (M4) for 
review and digital signing by the account holder 7502. Message 
(M4) , is composed by the account authority 7512 and. .. includes various 
data fields, elements, or portions, generally speaking, a message (M) 
7603 and a digital signature (DS) 7605. These components generally 
form a data structure that may be stored, communicated, or... 

...this aspect of the invention, the body portion 7609 comprises a message 
7 603 and the digital signature 7 605 therefor (separated by a hashed 
line in the illustration). The message 7603 preferably includes... 

...key (PuK) associated with the account, time/date stamp, encrypted 
message, and the like. The digital signature 7605 comprises 
information from the message 7603 (for example, a hash of the message, 
the. . . 

...7609 comprises the account identifier 7616 and a message content portion 
7 618, which incorporates the digital signature 7 605 (ignoring the 
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hashed line) . The account identifier 7616 may be considered a separate 
component from the message content 7618. Similar to the first 
arrangement, the digital signature 7 605 portion of the message 
content 7618 comprises other information from the message content 7618... 

...either of the above arrangements, the EC 7601 includes the account 
identifier 7616 and the digital signature 7605 as significant 
components thereof . 

It will be appreciated that the digital signature 7 605 of any 
arrangement of data elements may constitute information such as the 
account identif ier . . . in the form of a card 650, such as an IC card, 
credit card, or ATM card, which is capable of being used at an ATM 
machine 660 or the like. The card 650 securely protects therein a private 
key of a public-private key pair. The ATM machine 660 includes a 
display 662, a card reader 664, an alphanumeric keypad 666, and... 

...a bank, savings and loan, credit card company, or the like. In this 
example, the ATM machine 660 communicates electronically with the 
financial institution 612 over a secure, internal banking network. . . 

...occurs when the account holder 602 initially attempts to login to or 
otherwise access the ATM machine 660. 

Regardless of which type of EC is communicated from the account holder 
602. . . 

...the account holder 602 inserts the card 650 into the card reader 664 of 
the ATM machine 660. The insertion of the card 650 initializes the ATM 

machine 660, which, using display 662, prompts (Step 804) the account 
holder 602 to perform. . . 

...an electronic message is composed (Step 806) for sending to the 
financial institution 612. 

The ATM machine 660 displays a menu of available accounts upon which 
the account holder 602 may. . . 

...The available accounts are stored within memory on the card 650 and 

retrieved by the ATM machine 660 for display to the account holder 602. 
Of course, if only one account... 

...without requiring specific selection by the account holder 602. 

Upon selection of an account, the ATM machine 660 displays a menu of 
operations that can be performed on the selected account... 

...the account holder 602, such as a withdrawal or transfer amount and the 
like, the ATM machine 660 composes an electronic message that includes 
an instruction to the financial institution ...account holder 602. 

The message then is transmitted (Step 808) to the card 650 for digital 
signing by the account holder 602. hi this regard, upon receipt of data 
representing the message, the card 650 originates (Step 810) a digital 
signature for the message by first calculating a hash value for the data 
and then encrypting... 

...private key retained within the card 650. The card 650 then outputs 

(Step 812) the digital signature to the ATM machine 660, which then 
transmits (Step 814) the message and the digital signature therefor 
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in an EC to the financial institution 612. 

With, reference to Fig. 9, the EC is received (Step 902) by the financial 

institution 612 from the ATM machine 660. The financial institution 612 

then retrieves (Step 904) from the account database 614... 

. . .provide an account balance, then the financial institution 612 transmits 
the account balance to the ATM machine 660 for presentation to the 
account holder 602. If the account holder 602 instructs... 

. . .that the funds are available and, if so, sends an 1 5 authorization to 
the ATM machine 660 to dispense the requested amount offunds (up to the 
limit allowed and/or. . . 

...that the account holder 602 provide additional entity authentication 
information or status prior to the digital signature being generated 
by the card 650. The ATM machine 660 may be used to advantage to 
sequence the events properly so that the... 

. . .holder 602 first sees the proposed confirmation message displayed on the 
display 662 of the ATM machine 660, then is prompted to input a Secret 
or bionietric value, after which the ATM machine 660 provides the 
confirmation message to the card 650 for digital signature . The 
remaining method of generating and processing such transaction 
confirmation EC is similar to that ... account selected by the account 
holder 1002. 

The PDA 1050 then- originates (Step 1208) a digital signature for the 
message by first calculating a hash value for the data and then 
encrypting. . . 

...retained within the PDA 1050. The PDA 1050 then outputs (Step 1210) the 
message, and digital signature therefor to the wireless modem of the 
PDA 1050, which then transmits (Step 1212) the message and the digital 
signature in an EC to the brokerage firm 1012. 

With reference to Fig. 13, the EC. . .message is complete, but also causes 
the cell phone 1450 to originate (Step 1608) a digital signature' for 
this first message. Next, the cell phone 1450 transmits (Step ) the 
message and digital signature in an EC to the bill payment service 
1412 over the wireless communications network 1408... 

...complete bill payment transaction can' be forinulated by the bill payment 
service 1412. Preferably, no digital signatures need to be generated 
or sent during the menu selection/message generation process. Upon 
completion ... payment transaction is accepted (Step 1614) and the cell 
phone 1450 originates (Step 1616) a digital signature for the 
proposed payment transaction. The message that is digitally signed can 
either be the . . . 

. . .the bill payment service 1412 can transmit a message to the cell phone 
14 50 for digital signature in response to the number (#) key being 
depressed in response to the last menu selection. In either case, the 
cell phone 1450 then transmits (Step 1618) the message and digital 
signature in an EC to the bill payment service 1412 over the wireless 
communications network 1408... 

...in RAM on the cell phone 1450 as a digital file and for which a digital 
signature is then originated by the cell phone 14 50. 

Referring again to Fig. 17, the steps ... 4 1587 
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possessing a private key of the account holder used to generate a 
digital signature of an electronic message. 113. The method of claim 
86, wherein the information includes security. . . 

...account information of users including: 

(a) a public key of a user device that generates digital signatures , 

(b) third-party account identifiers each of which identifies to a 
third-party an account... 

...of the CKA account identifiers and a 

message including the new public key and a digital signature 
therefor, 

(b) authenticating the message of the EC using the public key associated 
with the ... retrievable by a unique identifier, the information including 
security features of a device that generates digital signatures using 
a private key of a 
public-private key pair; 

(b) associating the public key. . . 

...identifier in the database; (c) receiving an electronic communication 
including the unique identifier and a digital 
signature for a message generated by a suspect device; 
(d) authenticating the message using the public... 

...the security features of the genuine 
device; and 

(f) gauging the risk that said generated digital signature was 
fraudulently sent based on said identified security features, of the 
genuine device. 131. The... 

...the Internet. 139. The method of claim 130, further comprising gauging 
the risk that the digital signature was fraudulently originated based 
on said identified security features. 140. A method of managing a 
database for identification of security features of a device that 
generates digital signatures , comprising the steps of. 
(a) recording in the database for each of a plurality of devices, 

(i) a public key of a pair of public- private keys of the device, and 

(ii) information including security features of the device, the security 
features ... 

. . . security features from the database to a recipient of an electronic 
message for which a digital signature was originated utilizing a 
private key of the public-private key pair of a particular. . . 

...particular device. . The method of claim 140, further comprising gauging 
the risk that said originated digital signature was fraudulently 
originated based on said identified security characteristics. 142. The 
method of claim 140, wherein the public key used to authenticate the 
electronic message is received with the digital signature . 14 3. The 
method of claim 140, wherein the public key associated with the record 
identified. . . 
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and includes some on-chip or off-chip memory for storing and/or 
generating a cryptographic signature . A Microchip 12C508, 12C672 or 
higher processing unit is preferred. In one embodiment, a Microchip. . . 
merely a randomly generated number. In another embodiment, the 
transaction confirmation number is actually a digital signature of 
the order number and. 

a public key. A digital signature is used to authenticate the 
identity of the sender (Le., the third party authenticaf ion server) or 
the signer of the document. The use of the digital signature ensures 
that: the signed document cannot be easily repudiated, cannot be imitated 
by someone else. . .parties may want to verify y Cach other for a given 
transaction. 
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...in this step of the process. In other words, the PC checks the 

merchant 1 s digital certificate and the response to the customer's 
challenge with the merchants public key. 

The merchant ... PC . The electronic card receives the challenge via the PC. 
The electronic card calculates the digital signature to sign the 
challenge and sends the response back via the conventional land-line 
telephone . . . 

...a button in a set-up menu. 

Essentially, PKI allows users to send documents with digital 
certificates to prove that the user is indeed the user. The client 
authentication involves the use... 

. . .infrastructure. 

In general, the CSI % essentially enables the servers to ask the users to 
send digital certificates . The CSI S in the client sends an unsigued 
digital certificate . The server which supports CSI S receives the 
digital certificate and sends a random nwnber back to the client to 
have (inverted exclamation mark)t... 

...challenge) to the PC across the web. 

The PC, through the CSI x module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
durd party CSI' server. This third party CSI S server functions as a 
digital certificate signing f acility 1 and . holder of private keys 
of all its menibers . This CSI * server signs the digital ceitificate signs 
the random number. . . 

...the On-Line Authentication section of the patent specification. The PC 
then delivers the signed digital certificate aud random number to the 
web merchant who checks the signature with the customer's. . .as a loyalty 
card (for earning and redeeming incentive points), a gift certificate, or 
an ATM card. Each registered user is associated with his own aecount 
for each, of these uses... 
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wide variety of tasks, from interconnections to other systems or 
networks, such as internet connections, ATM connections, frame relay 
connections, and telephonic connections, on operating systems at both the 
server and. .. practices to provide the highest level of security. For 
example, the productivity center 10 employs digital signatures 
/certificates using public- private keys and uses Internet Information 
Server (IIS) Version 5, IPSec-based security for the VPN 12... 

...approved list of users. The productivity center 10 may also authenticate 
the user using a digital certificate if SSL is enabled for that 
client. The primary interface to all client data is... 
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Claims 

Detailed Description 

... of the present invention is directed to a method of storing 5 both 
templates and digital certificates in a hierarchical structure for 
ease of access to the templates and the digital certificates . Another 
feature of the present invention is directed to utilizing the system of 
the present... to FIG. 3, is more than the typical 

desktop computer. For example, both cars and ATM machines incorporate 
computers, home and office physical security systems incorporate 
computers, etc. 

Thus, the present... 

...are just some of the 

various applications where the present invention can be applied. 

- 110 

Digital Certificates 

The inventors of the present invention recognized a limitation that is 
encountered when digital certificates are used in a networked 
enviromnent without system 102 (FIG. 1) . Generally, a digital 
certificate defines user privileges. More specifically, a digital 
certificate attaches to an electronic message and is used for security 
purposes. The most common use -of a digital certificate is to verify 
that a user sending a message is who he or she claims... 

... a digital 

I 0 certificate from a Certificate Authority (CA) . The CA issues an 
encrypted digital certificate containing the applicant's public keys, 

private keys and a variety of other identification information. The 
applicant's public key is signed by... 

...The recipient of an encrypted message uses the CA ! s public key to decode 
the digital certificate attached to the message, verifies it as 
issued by the CA and then obtains the... 

...use a token or smart card, or any combination thereof, to gain access to 
a digital certificate . Because each user's digital certificate is 
stored on one computer within the network, the digital certificate is 
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bound to a single computer. This ...the present invention recognized 
that a scheme is needed for easy access to all user digital 
certificates such that a user can gain access to required resources from 
any location within the enterprise. 

The scheme for easy access to all user digital certificates , such 
that a user can gain access to his or her digital certificate from 
any location within the enterprise, is the same scheme as described above 
in reference to FIG. 28 and the storing of templates 502. In enterprise 
2800, all digital certificates are stored at corporate office 2802. 
Then the additional storage of digital certificates at individual 
offices depends on the logical block (e.g. either block 2818 or block... 

. . . is in . 

The procedure is as follows. First, each office in enterprise 2800 stores 
the digital certificates for every user that was issued a digital 
certificate at that office. Then, in each logical block, start with the 
offices at the bottom. . . 

...start with office 2806 and office 2808. Office 2806 and office 2808 only 
store the digital certificates for users that were issued digital 
certificates at those offices. Then, following the hierarchical 
structure up to office 2804, office 2804 stores the digital 
certificates for users that were issued digital certificates at 
office 2804, and also copies of all the digital certificates stored 
at office 2806 and office 2808. This procedure is repeated until the top 
of . . . 

...hierarchical structure, the farthest any office will have to go to get a 
user's digital certificate is corporate office 2802. For example, say 
User A was issued a certificate at office 2812. This means that User A's 
digital certificate is stored at office 2812, office 28 1 0 and 
corporate office 2802. 

If User. 

...hierarchical structure up to corporate office 2802 to retrieve a copy of 
User A f s digital certificate . Once it is determined that the user is 
finished with his or her digital certificate , the digital 
certificate must be re-retrieved the next time the user 
requests access to his or her digital certificate 

Not only does the hierarchical structure of enterprise 2800 provide ease 
of access, but also a means of backing up digital certificates within 
enterprise 2800. 

The use of a hierarchical directory to locate templates 502 within 
enterprise ... 

...digital - 112 certificates. The X-500 directory will include pointers to 
the offices- that user digital certificates are stored'. 

2 . Roaming Profile Server 

The concept of using a public key to decode a digital certificate 
attached to a message was introduced above. Some cryptographic systems 
use two keys, a public... 

. . . I 0 An important element to the public key system is that the public and 
private keys are related in such a way that only the public key can 
be used to . . . 
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58 The system of claim 4 6, wherein said computer is attached to a... 
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and includes some on-chip or off-chip memory for storing and/or 
generating a cryptographic signature . A Microchip 12C508, 12C672 or 
higher processing unit is preferred. In one embodiment, a Microchip... 
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merely a randomly generated number. In another embodiment! the 
transaction confirmation number is actually a digital signature of 
the order number and a public key. A digital signature is used to 
authenticate the identity of the sender (i.e., the third party 
authentication server) or the signer of the document; The use of the 
digital signature ensures that the signed document cannot be easily 
repudiated, cannot be imitated by someone else. . .both parties may want to 
verify each other for a given transaction. 

In either case, digital certificates can be used, As known to those 
skilled in the art, a digital certificate is similar to an electronic 
"credit card" that establishes the certificate user's credentials when... 

. . .or other transactions on the web. It is normally issued by a 

certification authority.- The digital certificate contains the user's 
name, serial number, expiration dates, a copy of the certificate, holder ' s 
public key, and the digital signature of the certificate-issuing 
authority so that the recipient of the digital certificate can verify 
that the certificate is indeed authentic and real. Some digital 
certificates conform to the X.509 standard. 

88 

FIG. 33 shows the sequence of steps of... 

...the case where the customer wants to verify the merchant. Initially, the 
merchant sends a digital certificate over the web to the customer. 
The digital certificate contains the date of expiration, name of 
merchant, signature of the certification authority (e.g., Verisign), and 
the merchant's public key. The customer's PC receives the digital 
certificate and in turn, transmits the digital certificate to the 
customer's electronic card. The electronic card contains standard logic 
and progranuning to perform a check to make sure the digital 
certificate is valid. In one embodiment, the electronic card checks to 
make sure that the digital certificate is signed by the certification 
authority and contains no errors. By verifying that the digital 
certificate is properly signed by the certification authority, the 
customer is making sure that no one... 

...merchant. Alternatively, instead of the customer sending a random 

number, the customer can send a digital certificate , which contains 
the ID and a public key. 

This certificate is sent by way of... 

. . .private key. The certification authority ensures that this public key 
belongs the merchant when the digital certificate has been delivered 
to the customer. To indicate a successful verification, the electronic 
card contains ... number (i.e., individual ID or serial number), the 
customer's public key, and a digital certificate . The PC receives 
this transmission and sends the card ID, the customer's public key, and 
the digital certificate to the merchant. 

When the merchant receives the card ID, the customer's public key, and 
the digital certificate , it checks to make sure that it is a good 
signature from the certification authority. . . 
...each other substantially concurrently. The electronic card sends a first 
set of data including the digital certificate , the card ID, the 
customer's public key, and a challenge (e.g., random number... 

...data which includes its own challenge, the response to the customer's 
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challenge, and the digital certificate which contains the merchant's 
public key (among other data as described above) . The customer. . . 

...set of data and retransmits it to the electronic card. 

The electronic card checks the digital certificate to make sure it 
was signed by the proper certification authority and the response to. . . 

...with the public key that was just sent by the merchant as part of the 
digital certificate . If the response is proper, then the customer can 
trust the merchant. The electronic card... 

...in this step of the process. In other words, the PC checks the 

merchant's digital certificate and the response to the customer's 
challenge with the merchant's public key. 

The ... 

...PC. The electronic card receives the challenge via the PC. The 
electronic card calculates the digital signature to sign the 
challenge and sends the response back via the conventional land-line 
telephone . . . 

...a button in a set-up menu. 

Essentially, PKI allows users to send documents with digital 
certificates to prove that the user is indeed the user. The client" 
authentication involves the use... 

...each Crypto Service Prov ider "(CSP) is a dynamic-link-library (DLL) with 
an associated cryptographic signature authorizing it for use by the 
Crypto API. One of the jobs of the CSP. .. infrastructure . 

In general, the CSP essentially enables the servers to ask the users to 
send digital certificates . The CSP in the client sends an unsigned 
digital certificate . The server which supports CSP receives the 
digital certificate and sends a random number back to the client to 
have it digitally signed. The... 

...challenge) to the PC across the web. 

The PC, through the CSP module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
third party CSP server. This third party CSP server functions as a 
digital certificate signing facility and holder of private keys of 
all its members. This CSP server signs the digital certificate , signs 
the random number with the customer's private key, and then sends them 
back. . . 

...the On-Line Authentication section of the patent specification. The PC 
then delivers the signed digital certificate and random number to the 
web merchant who checks the signature with the customer's public key. 

In an alternative embodiment, the digital certificate with the 
customer's public key could be sent directly to the merchant first. 
Thereafter ... as a loyalty card (for earning and redeeming incentive 
points), a gift certificate, or an ATM card. Each registered user is 
associated with his own account for each of these uses... 
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and includes some on-chip or off-chip memory for storing and/or 
generating a cryptographic signature . A Microchip 12C508, 12C672 or 
higher processing unit is preferred. In one embodiment, a Microchip. . . 
merely a randomly generated number. In another embodiment, the 
transaction confirmation number is actually a digital signature of 
the order number and a public key. A digital signature is used to 
authenticate the identity of the sender (i.e., the third party 
authentication server) or the signer of the document. The use of the 
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digital signature ensures that the signed document cannot be easily 
repudiated, cannot be imitated by someone else... both parties may want to 
verify each other for a given transaction. 

In either case, digital certificates can be used. As known to those 
skilled in the art, a digital certificate is similar to an electronic 
"credit card" that establishes the certificate user's credentials when... 

. . .or other transactions on the web. It is normally issued by a 

certification authority. The digital certificate contains the user's 
name, serial number, expiration dates, a copy of the certificate holder's 
public" key, and the digital signature of the certificate-issuing 
authority so that the recipient of the digital certificate can verify 
that the certificate is indeed authentic and real. Some digital 
certificates conform to the X.509 standard. 

88 

FIG. 33 shows the sequence of steps of. . . 

...the case where the customer wants to verify the merchant. Initially, the 
merchant sends a digital certificate over the web to the customer. 
The digital certificate contains the date of expiration, name of 
merchant, signature of the certification authority (e.g., Verisign), and 
the merchant's public key. The customer's PC receives the digital 
certificate and in turn, transmits the digital . certificate to the 
customer's electronic card. The electronic card contains standard logic 
and programming to perform a check to make sure the digital 
certificate is valid. In one embodiment, the electronic card checks to 
make sure that the digital certificate is signed by the certification 
authority and contains no errors. By verifying that the digital 
certificate is properly signed by the certification authority, the 
customer is making sure that no one of the customer sending a random 
number, the customer can send a digital certificate , which contains 
the ID and a public key. 

This certificate is sent by way of... 

. . .private key. The certification authority ensures that this public key 
belongs the merchant when the digital certificate has been delivered 
to the customer. To indicate a successful verification, the electronic 
card contains . . . 

...number (i.e., individual ID or serial number), the customer's public 
key, and a digital certificate . The PC receives this transmission and 
sends. the card ID, the customer's public key, and the digital 
certificate to the merchant . 

When the merchant receives the card ID, the customer's public key, and 
the digital certificate , it checks to make sure that it is a good 
signature from the certification authority. . . 
...each other substantially concurrently. The electronic card sends a first 
set of data including the digital certificate , the card ID, the 
customer's public key, and a challenge (e.g., random number... 

...data which includes its own challenge, the response to the customer's 
challenge, and the digital certificate which contains the merchant's 
public key (among other data as described above) . The customer. . . 

...set of data and retransmits it to the electronic card. 
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The electronic card checks the digital certificate to make sure it 
was signed by the proper certification authority and the response to... 

. . .with the public key that was just sent by the merchant as part of the 
digital certificate . If the response is proper, then the customer can 
trust the merchant. The electronic card... 

...in this step of the process. In other words, the PC checks the 

merchant's digital certificate and the response to the customer's 
challenge with the merchant's public key. 

The . . . 

...PC. The electronic card receives the challenge via the PC*. The 
electronic card calculates the digital signature to sign the 
challenge and sends the response back via the conventional land-line 
telephone to send documents with digital certificates to prove that 
the user is indeed the user. The client authentication involves the use 



...Physically, each Crypto Service Provider (CSP) is a dynamic-link-library 
(DLL) with an associated cryptographic signature authorizing it for 
use by the Crypto API. One of the jobs of the CSP... 

. . .infrastructure. 

In general, the CSP essentially enables the. servers to ask the users to 
send digital certificates . The CSP in the client sends an unsigned 
digital certificate . The server which supports CSP receives the 
digital certificate and sends a random number back to the client to 
have it digitally signed. The... 

...challenge) to the PC across the web. 

The PC, through the CSP module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
third party CSP server. This third party CSP server functions as a 
digital certificate signing facility and holder of private keys of 
all its members. This CSP server signs the digital certificate , signs 
the random number with the customer's private key, and then sends them 
back. . . 

...the On-Line Authentication section of the patent specification. The PC 
then delivers the signed digital certificate and random number to the 
web merchant who checks the signature with the customer's public key. 

In an alternative embodiment, the digital certificate with the 
customer's public key could be sent directly to the merchant first. 
Thereaf ter . . . as a loyalty card (for earning and redeeming incentive 
points), a gift certificate, or an ATM card. Each registered user is 
associated with his own account for each of these uses... 
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and includes some on-chip or off-chip memory for storing and/or 
generating a cryptographic signature . A Microchip 12C508, 12C672 or 
higher processing unit is preferred. In one embodiment, a Microchip. . . 
merely a randomly generated number. In another embodiment, the 
transaction confirmation number is actually a digital . signature of 
the order number and a public key. A digital signature is used to 
authenticate the identity of the sender (i.e., the third party 
authentication server) or the signer of the document. The use of the 
digital signature ensures that the signed document cannot be easily 
repudiated, cannot be imitated by someone else... both parties may want to 
verify each other for a given transaction. 
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In either case, digital certificates can be used. As known to those 
skilled in the art, a digital certificate is similar to an electronic 
"credit card" that establishes the certificate user's credentials when... 

...or other transactions on the web. It is normally issued by a 

certification authority. The digital certificate contains the user's 
name, serial number, expiration dates, a copy of the certificate holder's 
public key, and the digital signature of the certificate-issuing 
authority so that the recipient of the digital certificate can 
'Verify that the certificate is indeed authentic and real. Some digital 
certificates conform to the X.509 standard. 

88 

CD P 0 C@ 0 0 P@ CCnD...each other substantially concurrently. The 
electronic card sends a first set of data including the digital 
certificate , the card ID, the . customer 1 s public key, and a challenge 
(e.g., random number... 

...data which includes its own challenge, the response to the customer's 

challenge, and the digital certificate which contains the merchant's 

public key (among other data as described above). The customer... 

...set of data and retransmits it to the electronic card. 

The electronic card checks the digital certificate to make sure it 
was signed by the proper certification authority and the response to... 

...with the public key that was just sent by the merchant as part of the 
digital certificate . If the response is proper, then the customer can 
trust the merchant. The electronic card... 

...in this step of the process. In other words, the PC checks the 

merchant's digital certificate and the response to the customer's 
challenge with the merchant's public key. 

The. . . 

...PC. The electronic card receives the challenge via the PC. The 
electronic card calculates the digital signature to sign the 
challenge and sends the response back via the conventional land-line 
telephone . . . 

. . .a button in a set-up menu. 

Essentially, PKI allows users to send documents with digital 
certificates to prove that the user is indeed the user. The client 
authentication involves the use... 

...Physically, each Crypto Service Provider (CSP) is a dynamic-link-library 
(DLL) with an associated cryptographic signature authorizing it for 
use by the Crypto API. One of the jobs of the CSP the users to send 
digital certificates . The CSP. in the client sends an unsigned 
digital certificate . The server which supports CSP receives the 
digital certificate and sends a random number back to the client to 
have it digitally signed. The... 

...challenge) to the PC across the web. 

The PC, through the CSP module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
third party CSP server. This third party CSP server functions as a 
digital certificate signing facility and holder of private keys of 
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all its members. This CSP server signs the digital certificate , signs 
the random number with the customer's private key, and then sends them 
back. . . 

.the On-Line Authentication section of the patent specification. The PC 
then delivers the signed digital certificate and random number to the 
web merchant who checks the signature with the customer f s public key. 

In an alternative embodiment, the digital certificate with the 
customer's public key could be sent directly to the merchant first. 
Thereaf ter . . . as a loyalty card (for earning and redeeming incentive 
points), a gift certificate, or an ATM card. Each registered user is 
associated with his own account for each of these uses... 
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. infrastructure . 



In general, the CSP essentially enables the servers to ask the users to 
send digital certificates . The CSP in the client sends an unsigned 
digital certificate . The server which supports CSP receives the 
digital certificate and sends a random number back to the client to 
have it digitally signed. The... 

...challenge) to the PC across the web. 

The PC, through the CSP module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
third party CSP server. This third party CSP server functions as a 
digital certificate signing facility and holder of private keys of 
all its members. This CSP server signs the digital certificate , signs 
the random number with the customer's private key, and then sends them 
back ... 

...the On-Line Authentication section of the patent specification. The PC 
then delivers the signed digital certificate and random number to the 
web merchant who checks the signature with the customer's public key. 

In an alternative embodiment, the digital certificate with the 
customer's public key could be sent directly to the merchant first. 
Thereaf ter . . . as a loyalty card (for earning and redeeming incentive 
points), a gift certificate, or an ATM card. Each registered user is 
associated with his own account for each of these uses... 
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by examining the wireless signal 
and the device information, and 

certificate logic for generating a digital certificate ; and 
communications logic for sending the digital certificate and at least 
a portion of the device information. 

2 The system of claim 1... 

.a private key of the user; server communications logic for receiving an 
authentication request, a digital certificate , a number, 
and user information; and 

CSP logic for performing authentication of the user information, signing 
the digital certificate , and signing the number with the private key. 

12 The server of claim I 1... 

.user, comprising: 

a base station and at least one application, wherein the application 
transmits a digital certificate and 
user information; and 

a crypto service provider (CSP) server accessible on a wide area... 

. key of the user, authenticating the user with the user information, and 
for signing the digital certificate . 
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Detailed Description 

. . . and includes some on-chip or off-chip memory for storing and/or 

generating a cryptographic signature . A Microchip 12C508, 12C672 or 
higher processing unit is preferred. In one embodiment, a Microchip. . . 
merely a randomly generated number. In another embodiment, the 
transaction confirmation number is actually a digital signature of 
the order number and a public key . A digital signature is used to 
authenticate the identity of the sender (i.e., the third party 
authentication server) or the signer of the document. The use of the 
digital signature ensures that the signed document cannot be easily 
repudiated, cannot be imitated by someone else... both parties may want to 
verify each other for a given transaction. 

In either case, digital certificates can be used. As known to those 
skilled in the art, a digital certificate is similar to an electronic 
"credit card" that establishes the certificate user's credentials when... 
...or other transactions on the web. It is normally issued by a 

certification authority. The digital certificate contains the user 9s 
name, serial number, expiration dates, a copy of the certificate holder's 
public key, and the digital signature of the certificate-issuing 
authority so that the recipient of the digital certificate can verify 
that the certificate is indeed authentic and real. Some digital 
certificates conform to the X.509 standard. 

88 

FIG. 33 shows the sequence of steps of. . . 

...the case. where the customer wants to verify the inerchant. Initially, 
the merchant sends a digital certificate over the web to the 
customer. The digital certificate contains the date of expiration, 
name of merchant, signature of the certification authority (e.g., 
Verisign), and the merchant's public key. The customer's PC receives the 
digital certificate and in turn, transmits the digital certificate 
to the customer's electronic card. The electronic card contains standard 
logic and programming to perform a check to make sure the digital 
certificate is valid. In one embodiment, the electronic card checks to 
make sure that the digital certificate is signed by the certification 
authority and contains no errors. By verifying that the digital 
certificate is properly signed by the certification authority, the 
customer is making sure that no one... 
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have it digitally signed. The. 



...challenge) to the PC across the web. 

The PC, through the CSP module, sends a digital certificate (which 
includes the customer's public key) and the electronic card data to a 
third party CSP server. This third party CSP server functions as a 
digital certificate signing facility and holder of private keys of 
all its members. This CSP server signs the digital certificate , signs 
the random number with the customer's private key, and then sends them 
back. . . 

...the On-Line Authentication section of the patent specification 1 . The PC 
then delivers the signed digital certificate and random number to the 
web merchant who checks the signature with the customer's public key. 

In an alternative embodiment, the digital certificate with the 
customer's public key could be sent directly to the merchant first. 
Thereaf ter . . . as a loyalty card (for eaining and redeeming incentive 
points), a gift certificate, or an ATM card. Each registered user is 
associated with his own account for each of these uses... 
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Claims 
Detailed Description 

... to identify users, e.g., authentication, to allow access privileges, 
e.g., authorization, to create digital certificates and signatures, 
and the like. One popular cryptography system is a public-key system that 
...the trust engine in order to exercise cryptographic functions, such 
as, for example, authentication, authorization, digital signing and 
certificates, encryption, notary-like and power-of-attorney-like actions, 
and the like. 

Another... or more keys are associated with a user. The method comprises 
storing one or more private keys on a server, receiving a request for 
a cryptographic action, and determining a type of. . . 

...has access to the certificate, performing the cryptographic action using 
one or more of the private keys that correspond to the certificate. 

,3, 

Another aspect of the invention includes a method of ... hashing, digitally 
signing, encrypting and decrypting (often referred to only as 
encrypting)., creating or distributing digital certificates , and the 
like. However, the private cryptographic keys used in the cryptographic 
functions will not... 
...the cryptographic keys may advantageously include some or all of 

symmetric keys, public keys, and private keys . In addition, a skilled 
artisan will recognize from the disclosure herein that the foregoing keys 

...certificate authority 115 may advantageously comprise a trusted 

third-party organization or company that issues digital certificates , 
such- as, for example, Verisign, Baltimore, Entrust, or the like. The 
trust engine 110 may advantageously transmit requests for digital 
certificates , through one or more conventional digital certificate 
protocols, such as, for example, PKCS10, to the certificate authority 
115. In response, the certificate authority 115 will issue a digital 
certificate in one or more ...for example, PKCS7 . According to one 
embodiment of the invention, the trust engine 110 requests digital 
certificates from several or all of the prominent certificate 
authorities 115 such that the trust engine 110 has access to a digital 
certificate corresponding to the certificate standard of any requesting 
party. 

According to another embodiment, the trust ... transmission systems, 
two-way cable systems, customized private or public computer networks, 
interactive kiosk networks, automatic teller machine networks, 
direct links, satellite or cellular networks, and the like. 

FIGURE 2 illustrates a block... key infrastructure (PKI) functionality. 
For example, the cryptographic engine 220 may advantageously issue public 
and private • keys for users of the cryptographic system 100. In this 
manner, the cryptographic keys are generated. . . 

...and the response thereof. In addition, the mass storage 225 may be used 
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least some of the digital signatures correspond to differing digital 



signature protocols or standards. 

33 The method of Claim 29, wherein the server-side cryptographic 
functionality. . . 

. . .or more keys being associated with a user, 
the method comprising: 

storing one or more private keys on a server; 
receiving a request for a cryptographic action; 

determining a type of certificate the certificate, performing the 
cryptographic action using one or more of the private keys that 
correspond to the certificate. 

40 The method of Claim 39, wherein the user owns... 

. . .to the certificate; and performing the cryptographic action using the 
one or more of the private keys corresponding to the 
acquired certificate. 

45 The method of Claim 44, wherein the acquiring the... 
. . .the cross-certified certificate, performing the cryptographic action 
using the one or more of the private keys corresponding to the 
cross-certified certificate. 

47 The method of Claim 4 6, wherein the acquiring... 

...the cross-certified certificate comprise one or more of the one or more 
of the private . keys . 

50 The method of Claim 48, wherein the one or more keys corresponding to 
the. . . 
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Detailed Description 

Claims 

Detailed Description 

... to identify users, e.g., authentication, to allow access privileges, 
e.g., authorization, to create digital certificates and signatures, 
and the like. One popular cryptography system is a public-key system that 
...engine in order to perform authentication and cryptographic functions, 
such as, for example, authentication, authorization, digital signing 
and generation, storage, and retrieval of certificates, encryption, 
notary-like and power-of-attorney-like ... hashing, digitally signing, 
encrypting and decrypting (often referred to only as encrypting), 
creating or distributing digital certificates , and the like. However, 
the private cryptographic keys used in the cryptographic functions will 
not . . . 

...the cryptographic keys may advantageously include some or all of 

symmetric keys, public keys, and private keys . In addition, a skilled 
artisan will recognize from ...certificate authority 115 may 
advantageously comprise a trusted third-party organization or company 
that issues digital certificates , such as, for example, Verisign, 
Baltimore, Entrust, or the like. The trust engine 110 may 
advantageously transmit requests for digital certificates , through 
one or more conventional digital certificate protocols, such as, for 
example, PKCS10, to the certificate authority 115. In response, the 
certificate authority 115 will issue a digital certificate in one or 
more of a number of differing protocols, such as, for example, PKCS7. 
According to one embodiment of the invention, the trust engine 110 
requests digital certificates from several or all of the prominent 
certificate authorities 115 such that the trust engine 110 has access to 
a digital certificate corresponding to the certificate standard of 
any requesting party. 

According to another embodiment, the trust ... transmission systems, 
two-way cable systems, customized private or public computer networks, 
interactive kiosk networks, automatic teller machine networks, 
direct links, satellite or cellular networks, and the like. 
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FIGURE 2 illustrates a block... key infrastructure (PKI) functionality. 
For example, the cryptographic engine 220 may advantageously issue public 
and private keys for users of the cryptographic system 100. In this 
manner, the cryptographic keys are generated. . . 
...and the response thereof. In addition, the mass storage 225 may be used 
to store digital certificates having the public key of a user 
contained therein. 

Although the trust engine 1 1...110 may advantageously perform 
authentication and one or more cryptographic functions, such as, for 
example, digital signing . 

FIGURE 3 illustrates a block diagram of the transaction engine 205 of 
FIGURE 2, according ... the cryptographic handling module 625 may perform 
data comparisons, data hashing, data encryption or decryption, digital 
signature verification or creation, digital certificate generation, 
storage, or requests, cryptographic key generation, or the like. 
Moreover, a skilled artisan will... ID, or the like, and the trusted third 
party may advantageously include, for example, their digital signature 

in enrollment submission. The trusted third party may include an actual 
notary, a government agency. . . 

. . .depositories. 

Often during the enrollment process 900, the user will also desire to 
have a digital certificate issued such that he or she may receive 
encrypted documents from others outside the cryptographic... 

. ..1 00. As mentioned in the foregoing, the certificate authority 115 
generally issues digital certificates according to one or more of 
several conventional standards. Generally, the digital certificate 
includes a public key of the user or system, which is known to everyone. 

Whether the user requests a digital certificate at enrollment, or at 
another time, the request is transferred through the trust engine 1... 

...the public key. In STEP 945, the cryptographic engine 220 transmits a 
request for a digital certificate to the transaction engine 205. 
According to one embodiment, the request advantageously includes a 
standardized request, such as PKCS10, embedded in, for example, and XML 
document. The request for a digital certificate may advantageously 
correspond to one or more certificate authorities and the one or more 
standard. . . 

. . . STEP950thetransaction engine 205 forwardsthis requestto the certificate 



Sylvia Keys 



15-Jun-05 03:55 PM 



18/3, K/30 (Item 27 from file: 349) 

DIALOG (R) File 34 9:PCT FULLTEXT 

(c) 2005 WIPO/Univentio. All rts. reserv. 

00788808 **Image available** 

ELECTRONIC COMMERCE WITH CRYPTOGRAPHIC AUTHENTICATION 
COMMERCE ELECTRONIQUE AVEC AUTHENTIFICATION CRYPTOGRAPH I QUE 

Patent Applicant /Assignee : 

ETHENTICA INC, 100 North Pointe Drive, Lake Forest, CA 92630, US, US 
(Residence), US (Nationality) 
Inventor (s) : 

DICKINSON Alexander G, 4 66 Monterey Drive, Laguna Beach, CA 92651, US, 

OHARE Mark S, 22 Mountain Laurel, Dove Canyon, CA 92679, US, 

ROHRBACH Mark D, 14685 Deerwood Street, Poway, CA 92064, US, 

ZOCCOLI James G, 2114 Rheims, Carrollton, TX 75006, US, 

ORSINI Rick L, 2100 Kings Forest Lane, Flower Mound, TX 75028, US, 

BROOKS Aaron A, 415 Brooks Court, Roanoke, TX 76262, US, 

DAVENPORT Roger S, 14423 Heartside Place, Farmers Branch, TX 75234, US, 

CLOUGH Philip W, 1306 S. Greenston Lane, Duncanville, TX 75137, US, 

CLAYTON Richard F, 7360 Kindler Road, Columbia, MD 2104 6, US, 

STARK Gregory H, 314 Kirkwood Road, Millersville, MD 21108, US, 

FERRANTE Michelle, 5447 Vantage Point Road, Columbia, MD 21044, US, 

BERGER Brian, 23518 Sandstone, Mission Viejo, CA 92692, US, 

DOBSON Robert T Jr, 15 Inverary, Dove Canyon, CA 92679, US, 

Legal Representative: 

ALTMAN Daniel E (agent), Knobbe, Martens, Olson and Bear, LLP, 620 
Newport Center Drive, 16th Floor, Newport Beach, CA 92660, US, 

Patent and Priority Information (Country, Number, Date) : 

Patent: WO 200122322 A2-A3 20010329 (WO 0122322) 

Application: WO 2000US25814 20000920 (PCT/WO US0025814) 

Priority Application: US 99154734 19990920/ US 2000200396 20000427 

Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AE AG AL AM AT AT (utility model) AU AZ BA BB BG BR BY BZ CA CH CN CR CU 
CZ CZ (utility model) DE DE (utility model) DK DK (utility model) DM DZ 
EE .EE (utility model) ES FI FI (utility model) GB GD GE GH GM HR HU ID IL 
IN IS JP KE KG KP KR KR (utility model) KZ LC LK LR LS LT LU LV MA MD MG 
MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK (utility model) SL TJ 
TM TR TT TZ UA UG UZ VN YU ZA ZW 

(EP) AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE 

(OA) BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW MZ SD SL SZ TZ UG ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 32863 

Main International Patent Class: G06F-017/10 
International Patent Class: G06F-017/60 
Fulltext Availability: 

Detailed Description 

Claims 

Detailed Description 

functions, for instance by requiring a password or PIN number in order* 
to use an ATM . Another form of security is to protect data from being 
intercepted and used by those ... engine in order to perform authentication 
and cryptographic functions, such as, for example, authentication, 
authorization, digital signing and generation, storage, and retrieval 
of certificates, encryption, notary-like and power-of attorney-like 
actions... a vendor, receiving at the trust engine, a request from the 
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vendor to obtain the digital signature of the user, and generating 
the digital signature at the trust engine by using at least one 
private cryptographic key associated with the... at least a user and a 
vendor, a request from the vendor to obtain a digital signature of 
the user, and a cryptographic handling module which receives the data and 
the request, and which generates the digital signature by using at 
least one private cryptographic key associated with the user. 
Another aspect of . . . 

...entity, receiving at the first entity, a request from the third entity 
'to obtain the digital signature of the second entity, and signing at 
the first entity the transaction data using at... more keys from a 
plurality of private cryptographic keys stored on a secure server, the 
private keys being unknown to the user. A request for a cryptographic 
transaction is received from a... hashing, digitally signing, encrypting 
and decrypting (often referred to only as encrypting) , creating or 
distributing digital certificates , and the like. However, the private 
cryptographic keys used in the cryptographic functions will not... 

...the cryptographic keys may advantageously include some or all of 

symmetric keys, public keys, and private keys . In addition, a skilled 
artisan will recognize from the disclosure herein that the foregoing keys 

...certificate authority 115 may advantageously comprise a trusted 

third-party organization or company that issues digital certificates , 
.such as, ...Baltimore, Entrust, or the like. The trust engine 1 10 may 
advantageously transmit requests for digital certificates , through 
one or more conventional digital certificate protocols, such as, for 
example, PKCSIO, to the certificate authority 115. In response, the 
certificate authority 115 will issue a digital certificate in one or 
more of a number of differing protocols, such as, for example, PKCS7 . 
According to one embodiment of the invention, the trust engine 110 
requests digital certificates from several or all of the prominent 
certif icate authorities 115 such that ... transmission systems, two-way 
cable systems, customized private or public computer networks, 
interactive kiosk networks, automatic teller machine networks, 
direct links, satellite or cellular networks, and the like. 

FIGURE 2 illustrates a block... key infrastructure (PKI) functionality. 
For example, the cryptographic engine 220 may advantageously issue public 
and private keys for users of the cryptographic system 100. In this 
manner, the cryptographic keys are generated. . . 

...and the response thereof. In addition, the mass storage 225 may be used 
to store digital certificates having the public key of a user 
contained therein. 

Although the trust engine 1 1...110 may advantageously perform 
authentication and one or more cryptographic functions, such as, for 
example, digital signing . 

FIGURE 3 illustrates a block diagram of the transaction engine 205 of 
FIGURE 2, according ... the cryptographic handling module 625 may perform 
data comparisons, data hashing, data encryption or decryption, digital 
signature verification or creation, digital certificate generation, 
storage, or requests, cryptographic key generation, or the like. 
Moreover, a skilled artisan will... ID, or the like, and the trusted third 
party may advantageously include, for example, their digital signature 

in enrollment submission. The trusted third party may include an actual 
notary, a government agency ... depositories . 
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functions, for instance by requiring a password or PIN number in order 
to use an ATM . Another form of security is to protect data from being 
intercepted and used by those ... engine in order to perform authentication 
and cryptographic functions, such as, for example, authentication, 
authorization, digital signing and generation, storage, and retrieval 
of certificates, encryption, notary-like and power-of-attorney-like . . . 
hashing, digitally signing, encrypting and decrypting (often referred to 
only as encrypting) , creating or distributing digital certificates , 
and the like. However, the private cryptographic keys used in the 
cryptographic functions will not . . . the cryptographic keys may 
advantageously include some or all of symmetric keys, public keys, and 
private keys . In addition, a skilled artisan will recognize from the 
disclosure herein that the foregoing keys... 
« 

...certificate authority 115 may advantageously comprise a trusted 

third-party organization or company that issues digital certificates , 
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such as, for example, Verisign, Baltimore, Entrust, or the like. The 
trust engine 110 may advantageously transmit requests for digital 
certificates , through one or more conventional digital certificate 
protocols, such as, for example, PKCS10, to the certificate authority 
115. In response, the certificate authority 115 will issue a digital 
certificate in one or more of a number of differing protocols, such as, 
for example, PKCS7. According to one 
,7, 

embodiment of the invention, the trust engine 110 requests digital 
certificates from several or all of the prominent certificate 
authorities 115 such that the trust engine 110 has access to a digital 
certificate corresponding to the certificate standard of any requesting 
party. 

According to another embodiment, the trust ... transmission systems, 
two-way cable systems, customized private or public computer networks, 
interactive kiosk networks, automatic teller machine networks, 
direct links, satellite or cellular networks, and the like. 

FIGURE 2 illustrates a block... key infrastructure (PKI) functionality. 
For example, the cryptographic engine 220 may advantageously issue public 
and private keys for users of the cryptographic system 100. In this 
manner, the cryptographic keys are generated. .. and the response thereof. 
In addition, the mass storage 225 may be used to store digital 
certificates having the public key of a user contained therein. 

Although the trust engine 1 1... 

. . .110 may advantageously perform authentication and one "or more 

cryptographic functions, such as, for example, digital signing . 
FIGURE 3 illustrates a block diagram of the transaction engine 205 of 
FIGURE 2, according ... the cryptographic handling module 625 may perform 
data comparisons, data hashing, data encryption or decryption, digital 
signature verification or creation, digital certificate generation, 
storage, or requests, cryptographic key generation, or the like. 
Moreover, a skilled artisan will... ID, or the like, and the trusted third 
party may advantageously include, for example, their digital .signature 

in enrollment submission. The trusted third party may include an actual 
notary, a government agency. . . 

. . . depositories . 

Often during the enrollment process 900, the user will also desire to 
have a digital certificate issued such that he or she may receive 
encrypted documents from others outside the cryptographic... 

. ..1 00. As mentioned in the foregoing, the certificate authority 115 
generally issues digital certificates according to one or more of 
several conventional standards. Generally, the digital certificate 
includes a public key of the user or system, which is known to everyone. 

Whether the user requests a digital certificate at enrollment, or at 
another time, the request is transferred through the trust engine l...the 
public key. In STEP 945, the cryptographic engine 220 transmits a request 
for a digital certificate to the transaction engine 205. According to 
one embodiment, the request advantageously includes a standardized 
request, such as PKCS10, embedded in, for example, and XML document. The 
request for a digital certificate may advantageously correspond to 
one or more certificate authorities and the one or more standard. . . 
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.otherwise be available. These functions, include without limitation: 
encryption and decryption of documents; issuance of digital 
certificates ; digital signing of documents; verification of digital 

signatures ; and such other operations as will be apparent to those of 
skill in the art . . . 
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. . . services, electronic data usage patterns, employee status, job title, 
data on user behavior patterns, a digital certificate , a network 
credential, an internet protocol address, a digital signature , an 
encryption key, an instant messaging address, personal medical records, 
an electronic audio signature, and. different embodiment, processing 
comprising of data includes invoking any of the following; a user's 
digital certificate , a user's identity scrambler, a user's interactive 
electronic consumer loyalty or consumer rewards... 

. . .with the electronic identicator, the identification data comprising any 
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of the following; a biometric, a digital certificate , an internet 
protocol address, or a bionietric input apparatus hardware identification 
code . In a third. . . 

.services, electronic data usage patterns, employee status, job title, 
data on user behavior patterns, a digital certificate , a network 
credential, an internet protocol address, a digital signature , an 
encryption key, an instant messaging address, personal medical records, 
an electronic audio signature, and. .. thin-client , or other public 
terminal or kiosk 60 such as an Automated Teller Machine { ATM ) . In a 
preferred embodiment, the user is identified through biometrics while 
third-party databases 28 which are accessed to complete the electronic 
transmission are identified through the verification of a digital 
certificate issued by an authorized certifying authority. 
Execution of a Rule Module (RM) 50 or an. . . 

.request for access to stored database content, an electronic request to 
personalize data using a digital certificate , or an electronic 
request to present or display data in a customized format. In sum.. -.is 
preferably located securely inside the BIA. Communication security is 
provided by encryption using unique secret keys known only to that 
specific BIA 16 and the DPC, and the DES encryption algorithm. .. a user's 
registration with the DPC. Optionally, the BIA 16 also validates public 
key digital certificates . In one embodiment, public keys of a 
particular certifying authority are initially stored in the... If 'the 
third-party is an entity, such as a corporation, it may register a 
digital certificate with the Identicator 12. Third-party digital 
certificates are available from certifying authorities, and they provide 
the assurance that the entity with the... 

.the BIA 16 device records. Preferably, the security surrounding the 
registration of an entity's digital certificates or of the BIA 
hardware identification codes with the Identicator 12 is extremely 
strong, as ... Identicator using any of the following electronic 
verification means: a third-party ID Code, a digital certificate , an 
Internet protocol ("IP") ...the following information: 

biometric data and personal identification code (PIC) 

biometric data alone 

digital identification ( digital certificates ) 

* BIA hardware identification code 
Biometric Identification Subsystem (BID) 

In one embodiment of the Identicator, the ... comprises multiple 
processors, each of which is capable of identifying a third-party from 
their digital certificates . In this embodiment, digital 
certificates are used to perform digital identification of a 
third-party. Preferably, these include corporate web. . . 

.computer and users use their biometrics for identification of the user. 
Verifying that a particular digital certificate is valid requires a 
public key from the certifying authority that issued that particular 
digital certificate . This requires that the digital identification 
subsystem have a list of certifying authorities and the public keys used 
to validate the digital certificates they issue. This table must be 
secure, and the keys stored therein must be kept up to date. These 
processes and others relating to the actual process for validating 
digital certificates are well understood in the industry. 
BIA Hardware Identification Subsystem (BH1) 

In a preferred embodiment ... employee status; job title; pre-set data on a 
user's current activity patterns; a digital certificate ; a network 
credential; an Internet protocol address; a digital signature ; an 
encryption key; an instant messaging address; personal medical records; 
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an electronic audio signature; and. .. required, an Execution 
Command 52 governs the appending of a user-unique network credential or 
digital certificate to an electronic transmission. If a user employing 
a biometric seeks to append their digital certificate to an 
electronic transmission, the user stores at least one command to sign 
electronic documents using their private keys , which are themselves 
centrally stored on an Clearinghouse 14 server. As such, the user's 
private keys are invoked as a header for the user's electronic 
transmission which, in combination with the electronic document itself 
and an MD5 calculation of the document, together form a digital 
signature . At a later time, an authorized recipient can use the user's 
public key from. . . 

.secure, authenticated electronic transmission. In this way, users do not 
have to manage their own private keys , nor do they have to retain 
physical possession of their digital certificates via smart cards or 
personal computers with resident user-customized data. In one embodiment, 
public ... instruct that these messages are automatically appended with 
both his personal visual trademark icon and digital certificate , both 
of which are stored in the 

Clearinghouse. This provides both user-customized visually graphical ... a 
master Identicator is responsible for storage of the entire set of 
biornetric samples and digital certificates registered for use with 
this invention. The master Clearinghouse 14 is responsible for storage of 
samples and digital certificates registered for use with this 
invention. Local Clearinghouse 14 servers store subsets of the entire... 
services, electronic data usage patterns, employee status, job- title, 
data on user behavior patterns, a digital certificate , a network 
credential, an Internet protocol address, a digital signature , an 
encryption key, an instant messaging address, personal medical records, 
an electronic audio signature, and. . . 

.The method of claim 13, wherein said processing comprising 
invoking the following; a user's digital certificate , a user's 
identity scrambler, a io user@s interactive electronic consumer loyalty 
or consumer ... the electronic identicator (12), the identification data 
comprising any of the following; a biometric, a digital certificate , 
an Internet protocol address, or a biometric input apparatus 
hardware identification code. 

19 The method. . . 

.services, electronic data usage patterns, employee status, job title, 
data on user behavior patterns, a , digital certificate , a network 
credential, an Internet protocol address, a digital signature , an 
encryption key, an instant messaging address, personal medical records, 
an electronic 
audio signature, and. . . 
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that a digital platfonn is operating as intended. 
Encrypting the communication channels or using conventional digital 
signatures may prevent content from being unknowingly modified during 
transmission; however, these techniques do not provide. . . 

...the operations for recovering the combined result, inclusive of TAEH and 
MH, from the notary digital signature . 

Figure 8 is an illustrative block diagram of an embodiment of the present 
invention in. . . 

...content" is generally defined as (i) control information (e.g., Internet 
Protocol "IP" commands, keys, digital signatures , digital 
certificates , etc.), and/or (ii) data in the form of a still image, 
video (e . g . . . Adleman "RSA" based functions), or even a function for 
digitally signing inf ori-nation (e.g., Digital Signature Algorithm 
"DSA" or a RSA-based signing functions) . 

In addition, a " digital certificate " is generally defined as any 
information used for authentication. Normally, this inforination includes 
a public . . . 

...includes any person or entity in a position of trust to guarantee or 
sponsor the digital certificate . 
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.provider, comprising: 

receiving a selected trusted agent executable by the platform; and 
providing a notary digital signature to the content provider, the 
notary digital signature including a combined result of a hash value 
of a message and a hash value... 

.cryptographic device. 

17 The method of claim 16, wherein the combined result of the notary 
digital signature further includes an assertion to indicate a purpose 
of the notary digital signature . 

18 The method of claim 17 further comprising: 
providing the message and a device certificate... 

.the hash value of the selected trusted agent executable and the 
assertion from the notary digital signature . 

19 The method of claim 18 further comprising: 
performing a hash operation on a copy... 

.kernel in communication with the trusted agent executable, the security 
kernel to generate a notary digital signature including a hash 
function of the trusted agent executable and an assertion being data to 
indicate a purpose of the notary digital signature . 
loo 
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summarizing the use of a website as a webbank to wire transfer funds 
to an ATM machine or a programmable financial card, in accordance with 
further embodiments of the present invention. . .bank owner. 

One important example of such a new form of financial transaction is the 
ATM wire transfers, a function currently unavailable in the traditional 
banking system. This function is a type of wire transfer in which a 
webbank owner can wire money to any ATM machine. Thus, a webbank owner 
can wire funds to any individual or third party which that individual can 
quickly pickup at an ATM . 

The webbank TM further serves as a member of the mi ! lliliweb TM a virtual 



...providing users with "the best of both worlds", 
interact wit 

including the ability to use ATM machines, traditional banks, and the 
other banking products and services associated with traditional banks. 

The... known, This identity information can be verified to- the extent 
desired. In a further embodiment, digital signatures and digital 
certificates can be used for further verification purposes, if desired. 

B. Maintenance ofFunds and Records on ... existing financial networks such 
as the networks used to process credit card transactions, wire transfers, 

ATM withdrawals and so forth. The metabank membership in existing 
networks with the concurrent use of ... parameter desired can be encoded 
into the numbers 
36 

corresponding to certain funds, using a secret keys or systems known 
only to the metabank overseer bank, with the overseer bank checking a... 
the card is stolen, and can otherwise be tracked, modified, and 
programmed as desired. 

D. ATM Wire Transfers 

In one embodiment, a webbank owner or user can quickly and easily wire 
money to any ATM machine, providing a third party (or even him or 
herself) with the ability to pick. . . 

...the country or the globe, which the recipient can receive merely by 
locating a nearby ATM (on the appropriate network, whether Cirrus or 
NYCE, or so forth) . The embodiment is particularly. . . 
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...computer at work, a public terminal or kiosk, etc.) or even access just 
to an ATM machine, or even if the person merely wishes to shop 
somewhere that accepts credit or. . .herein. 

j 

In a preferred embodiment, the systems used employ identification (e.g. 
by using digital certificates ), authentication (e.g. by using 
digital signatures ), nonrepudiation, verification and privacy. The 
systems used preferably make use of the processor serial number... 

...of that card in the same manner that a card would be withdrawn from an 
ATM 
73 

machine. The cashier verifies the funds on the card by accessing the 
webbank over ... Examples of magnetic stripe cards include but are not 
limited to, credit cards, debit cards, ATM cards, identification cards, 
photocopier cards, transportation cards, and so forth. Likewise, although 
the term credit... be any credit card number, debit card number, bank card 
number (for use in an ATM machine), webbank number or address, or so 
forth, allowing the optical disk to have information ... which can be 
programmed on a personal computer, and which can also be used at ATM 
machines (e.g to check account information or withdraw funds), can be 
swiped through a. . . 

Claim 

forwire transferring money, comprising: 
providing a systernf orconsumers overthelnternet , saidsystemallowingthe 
consumerto wire transfer funds to an ATM machine for retrieval of cash 
from said ATM machine. 

37 A method as claimed in. Claim 36, wherein said funds are retrieved 
using. . . 

. . .drive 

(e.g. for recording orwriting on an optical disk which serves as the 
card) 

ATM Wire Transfers and Programmable Card Transfers 
User accesses financial institution and user's account 
(e. . . 

...webbank over the Internet) 
i 

User links account or portion thereof to 
number on debit, ATM or credit card, 
including programmable credit or debit card 
I 

Recipient uses card to withdraw 

funds from an ATM machine, or to engage in 

traditional or online transactions 

i ing 

A website is. provided. . . 
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Detailed Description 

... such as credit information, from a customer to a clearinghouse. For 
example, credit cards and automatic teller machines ( ATM ) cards 
are used in a secure fashion to transfer financial information from a 
consumer ' to... the perimeter security of the merchant's location, 
provides a secure location to maintain the secret keys . 

As shown in block 520 of Figure 5, the remote incentive 
management system signs the encrypted message using a signature key. A 
digital signature technique is a well known technique to authenticate 
a message. As is well known, a digital signature is derived from the 
specific message, as wen as 

the merchant's secret key. Specifically, the use of a digital 
signature 

authenticates that the message originated from the merchant, and thus the 

digital signature detects any tampering of the message that may have 
occurred over the open Internet. 

As. . . 

...Figure 3). As shown in block 610, the clearinghouse incentive system 
validates the merchant's digital signature on the RFA message. In 
general, this step includes executing an algorithm to ascertain whether 
. . .response message, as well as verifies the authenticity of the message 
through analysis of the digital signature as shown in block 670. The 
status of the message, as indicated in the response ... merchant ' s earning 
activities, an identification (ID) to uniquely identify the consumer, 
and/or a digital certificate . In one embodiment, the digital 
certificate 

conforms to a digital certificate as defined by the standard x509 
As shown in blocks 810 and 870, if the... 
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Detailed Description 

English Abstract 

...functionality only for storing sensitive data including account number 
and private- key and for providing digital signatures to prove 
participation. Smart cards can also carry biometric data. 

Detailed Description 

... in functionality only for storing sensitive data including account 
number and privatekey and for providing digital signatures to prove 
participation. Moreover, smart cards can carry biometric data to be 
recognized by the ... accordance with the present invention. 1 0 Figure 7 
is a flow diagram of the digital signing process for authenticating 
electronic transactions in the system with the security co-processor. 

Figure 8 ... available in the public domain. The private-key is sensitive 
data personal to its owner. Private - keys are provided to individuals 
on smart cards issued to them by organizations such as banks, credit 
companies, employers, etc. 
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A digital certificate binds the key-pair to a name thus providing a 
digital identity. The digital certificate is used to verify that the 
public-key belongs to the particular individual using it... 

...conventional certificate structure conforms, for example, with the 
X509.v3 standard certificate structure. A conventional digital 
certificate 500 includes a user name 502, a certificate validity date 
504, and the public-key... 

...key, can use the public-key to decipher the message and know who sent 
it. Digital certificates allow authenticating messages by tracing the 
messages to their source. Typically, a certificate chain is... a sender of 
transaction messages by traversing upwards through the certificate chain. 
In checking the digital certificate in someone's message, A. Doe can 
check if there is a valid digital identity in the person's digital 
certificate . That is, A. Doe can check if in J. Yen's message there are 
valid... 104. 

In yet another embodiment, the secure computing environment 104 can 
operate as a personal automatic teller machine ( ATM ) system that 
can be used for general purpose or commercial electronic transactions 
which do not require a full keyboard capability. The ATM includes a 
dedicated trusted keypad 130 interfaced through an RS 232 interface (not 
shown) and. . . 

...responds with purchase parameters 308 including a credit card brand 
identifier, a transaction language, a digital signature method such 
...the digital identities 3 14 of the electronic transaction parties, 
typically in the form of digital certificates . The security 
co-processor 122 responds with an identities valid message 316. During 
processing of... 

...Computer 1 14 hands this message "to the security coprocessor 1 12, which 
verifies the cryptographic signature on it to validate the electronic 
transaction party. The resulting verified authorization or denial message 
...key and sensitive data such as, an account number (e.g., debit 
account), and the digital certificate which is equivalent to the 
digital identity and within which the public-key is embedded ... in 
conjunction with Figure 4 above) reads from the smart card the account 
number, the digital certificate and, optionally, the private-key into 
the security co-processor (122), and then it prompts... 

...amount. The message is then electronically signed. 

Figure 7 is a flow diagram of the digital signing process for 
authenticating electronic transactions in the system with the security 
co-processor. First, a... 

...sensitive data is performed, via step 550. For reasons rooted in common 
security industry practice, private - keys should never come off the 
smart cards. This is why the hash output is handed... 

...the biometric data therefore is never resident in the nonsecure 
computing environment. 

Pre-verification of digital certificates of transacting parties saves 
verification processing time especially in a high volume, high frequency 
electronic transactions environment. Pre-verified digital 
certificates of transacting parties can be stored for future accelerated 
use (without having to repeat the... 
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...a RAM. The trusted certificate cache in the secure computing environment 
holds the pre-verified digital certificates which, by reason of the 
interface, cannot be compromised. Once a digital certificate has been 
verified, an API command can be used to store the certificate in the... 

...chain's. To verify the issuer's signature on a certificate requires a 
computationally very expensive cryptographic signature verification. 
Certificate caching means that the expensive signature verification only 
has to occur once, at... 

...device external to the security co-processor 400 (a 128 KBytes memory). 
Encrypted sensitive data, digital certificates and temporary 
variables are stored in the external RAM 602. It would take an expensive 

...can be also used for the trusted certificate cache 604 for holding the 
pre-approved digital certificates . To further discuss this feature 
refer now to Figures 8 and 9 together. 

A digital certificate has a validity period during which it is valid. 
Some certificates also have additional validity ... in the security 
coprocessor. Building the trusted certificate cache begins by waiting for 
a new digital certificate , via step 700. With each new certificate 
the process repeats. Once a certificate is received... 
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impostor or someone who has no 
authorization to ask for that permit. For example, an ATM machine which 
was tampered with, to deliver the details of credit cards with the PIN. . . 
attachment the authorization to issue that permit, from a higher 
authority. The authorization includes the digital 

signature of that authority, to attest to the legitimacy of that permit 
issuance . 

The method facilitates .methods . 

either the document is encrypted with the private key of the issuer, or 
a digital signature is added to the document, with the document 
itself not being encrypted. 
Throughout the present... 

...of certificates and permits may be detailed, it should be understood 
that either encryption or digital signature of these documents is 
possible . 

The first method may inciLide encryption of the certificate with. . . 

...activity or related information, that is 

information about that permit and/or the permit holder. 

Digital signature may include the computation of a hash of the 
certificate or permit, and encryption of... In any organization, firm or 
other entity there is an established final 

authority there. The digital signature of that authority is 
recognized by all those involved with permits in that organization or... 
more usable. 

5. The permit issuer changes his encryption keys, that is the public and 
private keys . The- new permits will be encrypted with the new private 
key 

by the permit issuer ... forge pei-rnits there. 

This can be addressed by the firm changing their public and private 

keys , with center 2 attesting to that change, as detailed in my prior 
application. 

A special . . . 

...the identification and public key for a user. Each 

certificate is attested to with the digital signature of center 2. A 
user may be any entity, for example a private person, a commercial firm 
or an university. 

Digital signatures used at center 2 may include encryption with the 
private (secret) key of center 2... relating to the recipient preferably 
includes information relatin-1 to that recipient's certificate. A 
digital 

certificate uniquely identifies a specific person, so that a permit 
together with that user's cerdf icate . . . In the latter option, the. permit 
is not encrypted, but is made secure with a digital signature which 
is;@.epared and added to the permit. 

Each signature includeE a hash of the... 

Claim 

claim 4, wherein the means to attest to its authenticity comprise an 
addition of a digital signature , including a hash of the permit which 
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is encrypted with a private key of said. . .preparat : 1-In by encrypting the 
message prepared in step (B) 

above or adding a digital signature to said message, by an authorized 
person using 

their private key for that facility; and. . . 
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Detailed Description 

... amount of money stored in the device. A customer 
connects with a bank through an ATM or equivalent 
and withdraws money from his bank account and the 
value of the withdrawal ... records must be held until all of the 
merchant's devices have been to an ATM . 



Another problem with the system is that if a 

transaction has gone through several hands ... funding . Therefore, they 
have relatively 

lower transaction costs as compared to credit 
systems. Typically, an ATM transaction costs $0.50, 
or less, and an ACH transaction costs less than 
$0 Only. . . 

...systems. Debit systems may employ public key 

cryptography schemes for security and a variety of 
digital signature algorithms for authentication. 

This level of security allows debit systems to 
operate freely over open... agent and the customer 
and merchant status information, the payment advice 
message bearing a verifiable, digital signature of 
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the agent over part of its content. 

The customer then forwards a portion of... 

...the portion of the payment advice message. 

The merchant can verify the validity of the digital 

signature contained in the received payment advice 
message portion. 

In another aspect, this invention is a... 

...The agent then issues to 

the customer a payment advice message which bears a 
verifiable digital signature computed over part of 
its content, the issuing by the agent being based 
only on. . .This customer account must 
typically be funded before purchases can be made, 
for example through ATM 122, although actual funding 
is outside the scope of the payment system. The 
customer 1 s . . . exponent is 

for efficiency only and should be considered 
optional . 

- 43 

As stated in the Digital Signature Standard 
FIPS document, DSA parameters can be generated in 
such a way as to allow of digital 
certificates issued by certifying authorities 
(public key certificates) is well-known and is 
described in various ... are not used in communications 
between the customer and merchant. 

All security-related quantities, especially 
private keys , should be held in memory for as short 

a time as is possible. After their... of g, p, and YCTA (the CTA's public 

key component) are contained in a digital 
certificate issued to the CTA 102 and signed by the 

CA 124. The certificate is transmitted ... a 

public/private key pair. The private key is used by 

the customer to generate digital signatures . The 

public key is used by the CTA 102 to verify digital 
signatures from the customer. 

The customer private DSA key is randomly 
generated as part of the... for use 
by a particular merchant. Unlike the customer, 
however, the merchant is issued a digital 

certificate signed by the MCC 114. This certificate 
conveys the MCC's trust in the identity... 

Claim 

and 

on status information which the agent has, the 
payment advice message bearing a verifiable digital 
signature of the agent over part of its content. 

19 A method as in claim 18. . . 

...in claim 19 further comprising 
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the step of: 

the merchant verifying the validity of the 

digital signature contained in the received payment 
advice message portion. 

21 A method as in claim 18... issuing by the agent to the customer a 
payment 

advice message which bears a verifiable digital 

signature computed over part of its content, the 
issuing being based only on the payment request... 
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Detailed Description 

. . . intermediary. The EFT system 

may be used in conjunction with the ACH system described 

above 

Automatic teller machines ( ATM ) and point of sale 
(POS) devices allow an individual to conduct a 
transaction from a location outside the home. ATM ? s have 
remote computer terminals connected to the user's bank 

which allow access, directly ... credit card. The smart card is portable 
and may be easily used in POS and ATM environments 

Summary 

In general, in one aspect, the invention features 

a computer-based method in... the payee, and the amount to be paid. Then, 
in a secure hardware token, a digital signature is 
appended to the data 

In general, in another aspect, the invention 
features a computer. . . 

...instrument in digital form into a secure hardware 

token and, in the token, appending a digital signature to 
the digital information 

In general, in another aspect, the invention 

features a computer-based. .. features a computer-based method for reducing 
fraud 

associated with an electronic payment instrument. A 
cryptographic signature associated with a party to the 

instrument is appended to the instrument. Upon receipt 

of an electronic payment instrument, there is automatic 

checking of the cryptographic signature against 
cryptographic signature information of other electronic 

payment instruments previously received 

Advantages of the invention may include one... that can be initiated 
from a variety of devices, such as a personal computer, 
screenphone, ATM or payments accounting system 

Financial accounts may be rapidly and securely settled 
between trading partners ... to the financial 
payments and bank clearing networks in a secure fashion. 
The use of digital signatures , hardware based signing, 
and banks as certification agents, make the instruments 
trusted and secure. They are tamper-resistant due to th 
use of cryptographic signatures . This will provide 
greater security and reduced fraud losses for all parties 
in the payments ... enables easy 

electronic authentication by a payee, and the payee's and 
payer's banks. Digital signatures can be validated 
automatically 

Since the system can be fully automated, and new 
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processing can... of a portion of an 
electronic check 

Figure 8 is a format of a digital cryptographic 
signature based on DDS 

Figure 9 is a block diagram ...which in some respects mimics the paper 
check . 

It is initiated and routed electronically, uses digital 

signatures for signing and endorsing, and relies on 
digital cryptographic certificates to authenticate the 
payer and. . .be initiated by the payer 12 only. The 
memorandum 66 may contain the payee's digital signature , 
which may be generated by the payee's secure 

authenticator 68 using public ...payee's signature by using the 
payer's public key to verify the payee's digital 

signature and thus authenticates the payee 14. To 
proceed with the transaction, the payer 12 electronically. . .of the 
instrument 74 from the payer 

12, the payee 14 validates the payee's digital signature 
using . . .payer 12, if 

necessary. The payee 14 endorses the instrument 74 with 

the payee's digital signature using its authenticator 68 

In effect, this enables the payee 14 digitally to sign 
the ... receives the endorsed 

instrument 74 deposited by the payee 14, validates both 
the payee 1 s digital signature of endorsement and the 
payer's original digital signature using public key 
cryptography, verifies that the instrument 74 is not a 
recent duplicate and. . . 

...payer's bank 82 via existing 

electronic settlement procedures, e.g., bilateral 
arrangement, ECP, ACH, ATM , EFT, or check imaging. The 
settlement procedures are carried out over a network 80 
connecting ...The PCMCIA card 

or 96 is an electronic device that acts as the user's 

digital signature card, provides a secure means for 
generating a signature with a private signature key, and. . . 

. . .checkbook. Alternatively, the 
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easily distributed 

3 

across physical boundaries. For example, the SPU Could be incorporated 
into an ATM card (and in ATM machines throughout the world), thereby 
implementing a 

Reflecting this Programmable Distributed Personal Security (PDPS) design 
...information and the processing based on that information. It securely 
creates, stores and/or deploys secret keys or algorithms used in the 
encryption and 
:D 

decryption of information. For example, although keys... 

...the 
4 

SPU at manufacture time, keys may also be created onboard the SPU,- 
including secret keys or private/public key pairs, as master keys, 
.for various applications, for particular sessions within. . . 

...access card, holding information decryption keys, transaction records, 
credit and account information, one's own private keys , and digital 

certificates . About* the size of a standard credit card, such access 
cards Could perform a variety. . . 

...encryption capability supporting the major cryptographic standards, 
secure key exchange, secure storage of private and secret keys , 
algorithms, certificates or, for example, transaction records or 
biometric data, verif iability of data and messages ... encryption schemes 
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have been proposed, such as where a user 

creates and authenticates a secure digital signature , which is very 
difficult to forge and thus equally difficult to repudiate. Because of a 
...Clock 5 provides the optimal calibration input. 

This calibration is accomplished at the same time secret keys are 
installed and can only be done in the manufacturing mode. The final set 
frequency. . .SPU. 

One aspect of the present invention is an inverting key storage 
arrangement wherein the secret keys are periodically inverted. As a 
result, the net average charge across all memory cells is... 
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... and coins. The system 24 which may be, for example, a cash machine 
manufactured by Diebold , Inc . of Canton, Ohio. The cash machine will 
generally include: a dispenser display 44 for displaying... 

...dimes, nickels and pennies. The cash machine may also include additional 
features associated with conventional ATM ! s. For example, the cash 
machine may provide cash withdrawal functions, check depositing 
functions, balance... or 

substantially integral alarm system 223. For example, the change 
dispenser 224 may be an ATM -type machine, such as that manufactured by 
Diebold , Inc . , having an 
21 

integral security system (e.g., alarm systems) that includes integral 
camera surveillance. . . 
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Claim 

wherein said money dispensing machine is 
further operative to function as an automated teller machine ( ATM ) 
31 

. A money managing system for use in connection with a food service 
business, comprising. . . 
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English Abstract 

...system (CDCS) 10 securely dispenses paper money in one of the 
following modules (1) an ATM system and (2) a currency control system 
38 that allows a merchant or merchant-approved employee to withdraw cash 
from the CDCS 10 independent of a standard ATM electronic fund transfer 
(EFT) network. The CDCS may also include the following functionalities: a 
duress . . . 



Detailed Description 
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. .. and control system (CDCS), and more particularly, to a CDCS including 
an automated teller machine ( ATM ) system and a currency control system 
that effects time-delayed dispensation of on-site currency. . . 

...from a user's bank account. The primary vendors are Docutel, Inc. of 
Dallas, Texas; Diebold , Inc . (Diebold) of North Canton, Ohio; IBM of 
New York; and NCR Corporation (NCR) of Dayton. . . 

...having a business relationship with a bank. In about 1992, Tidel 
produced a dial-up ATM , which was based on a combination of the 
company's tube dispensing, cash-control safe... 

...an off-the-shelf Verifone credit/debit card point-of-sale terminal. 
Although the resulting ATM had limited capabilities in comparison with 
the Diebold and IBM ATMs, it cost only approximately. . . 

...the market. These three companies are now the most 

successful vendors in the United States ATM market. The newest ATM 
products, whose sales number in the hundreds of thousands, are not true 
ATMs, but rather... 

...robberies of commercial 

establishments having electronic .gaming stations. The high cost of 
purchasing both an ATM and a time-release safe limits many merchants 
from purchasing both machines. Further, both machines... 

...station winners. 

[0010] Thus the present inventors recognized a need for a CDCS 
including. an ATM system and a controlled-access dispensing safe. Tidel 
invented a cash dispensing system that "emulates an ATM to access and 
perform transactions through the EFT system and activates a printer to 
issue . . . 

...inventors of the present invention recognized a need for a 

cost-effective CDCS including an ATM system and a controlled-access 
dispensing safe that operates independent of an EFT network and. . . 

...and control system (CDCS). In a preferred embodiment, the CDCS includes 
an automated teller machine ( ATM ) system and a controlled currency 
control system 
5 

that operates independent of an electronic fund transfer (EFT) network- 
and that securely dispenses cash. 

[0013] The CDCS includes (1) an ATM system and (2) a currency control 
system that effects dispensation of on-site currency independent... 

...The currency control system may also receive currency for immediate 

storage or disbursement through the ATM or currency control portions of 
the CDCS. 

[0014] The currency control system may also include... 

...functional portions of an exemplary CDCS of the present invention and 
the interaction between the ATM system and the currency control system. 

[0019] Fig. 2 is a flow diagram showing an... 

...an exemplary preferred CDCS 1 0 is capable of performing both 
traditional automated teller machine ( ATM ) transactions and 
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the need to purchase both machines. Using CDCS 10, merchants can quickly 
remit . . . 



...system 38 of CDCS 1 0 is faster and more reliable than using prior art 
ATM /time-release safe terminals. 

[0040] It will be obvious to those having skill in the... 
Claim 

... is located peripherally to the portion of the currency dispense and 
control system housing the ATM system. 

17 The currency dispense and control system of claim 1 , in which the 
currency control system and the ATM system share a single set of 
currency 

dispense and control system hardware. 

18 The currency dispense and control system of claim 1 , in which the 
currency control system and the ATM system have separate hardware. 

19 The currency dispense and control system of claim 1 , in. . . 

...alphanumeric code. 
16 

. A currency dispense and control system that securely dispenses 
currency, comprising: 

an ATM system including ATM hardware assembled, interconnected, and 
operated to interface with and utilize an electronic fund transfer system 

...27 A currency dispense and control system that securely receives and. 
dispenses currency, comprising: 

an ATM system that (1) magnetically reads data in a magnetic stripe of 
a user account identification... 
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Detailed Description 

Detailed Description 
. . . INVENTION 

The present invention relates to automatic software loading for fands 
processing systems such as automatic teller machines and currency 
redemption machines. 

SUMMARY OF THE INVENTION 

The primary object of the present invention is to provide an improved 

automatic teller machine (" ATM ") or currency redemption machine 
that is capable of processing cash deposits as well as withdrawals. . . 

...operation of the currency 
processing system; 

FIG. I b is a perspective view of an automatic teller machine 

embodying the 
present invention; 

FIG. I c is a diagrammatic side elevation of the machine ... for a long 
period of time while the deposit is verified as occurs in typical ATM 
systems. Also, the system is capable of depositing the received amount 
amongst remote locations and... that conveys those coins to the 
coin-return slot 4 at the front of the ATM . While FIGS. 67-70 
illustrate only a single exit chute, it will be apparent that... 
Pennsylvania, could be utilized in addition to the Diebold "Express 
Delivery" family of products from Diebold , Inc . of Canton, Ohio. The 
currency dispenser 2048 is useful when transactions are being recorded 
which. . . 
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Detailed Description 

. and coins. The system 24 which may be, for example, a cash machine 
manufactured by Diebold , Inc . of Canton, Ohio, includes: a dispenser 
display 44 for displaying instructions, prompts, advertisements and the 
...5 substantially integral alarm system 223. For example, the change 
dispenser 224 may be an ATM -type machine, such as that manufactured by 
Diebold , Inc ., having an integral security system (e.g., alarm 
systems) that includes integral camera surveillance, electronic. . . 
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Detailed Description 

Claims 

Detailed Description 

with the central system. 
The indicia may comprise an article, such as magnetic stripe card, smart 

card , bar coded card, or any combination thereof Either the magnetic 
stripe, chip or bar code ... example ) capable of receiving input from the 
central system, printing indicia or other information, performing smart 

card or magnetic stripe card reader or bar code scanner functions, and 
sending output to the... for receiving payment from the customer (i.e., 
.through cash, or magnetic stripe card or smart card readers, for 
example), a communication portion for notifying the central system of the 
sale of . . . 

Claim 

... a magnetic strip card. 

4 The method of claim 2, wherein the article is a smart card . 

5 The method of claim 2, wherein the article is a card ha ving a... 
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... unique values associated with a piece of hardware (e.g., a processor, 
disk, dongle, or smart -card ) and a secret passphrase known only to 
the authorized user associated with said hardware. Effective... 
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But some may support additional authentication types, such as 
bionietrics, digital certificates , tokens or smart cards . 

Authentication Method - The method differs from the type by representing 
the underlying authentication architecture . How. Company-Wide 
Architecture and Processes 

0 Define Technical Security Infrastructure (Single Sign-On, 
Intrusion Detection, Digital Certificates , VPN, etc) 
Provide Technical Consulting to Businesses 

Assist Business to Resolve Business Specific Security Issues... 
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... electronic document and digital signature. 

Such public keys are often distributed as part of a digital 
certificate which is digitally signed by a trusted third party 
certificate authori ty. 

Although the digital certificate and public key may be publicly 
disclosed to the world, the private key must remain. . .CompactFlash and 
Sony Memory Stickg; PC Cards Interfaces; CD drives, 

DVD drives; Mini-CD drives; smart cards ; floppy disk drives; and 
digital tape drives . 
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with the one digital safe deposit account to be attached to the 
electronic document... 

.The apparatus according to claim 94 wherein the computer 

processor is operative to cause a digital certificate to be generated 
and stored in association with the new digital safe deposit account, 
wherein ... financial account number. 

105. The method according to claim 103, ffirther comprising: 

d) accessing a digital * certificate previously associated with the 
financial account number, wherein the digital certificate 
includes a public key that corresponds to the private key, 

wherein the public key is capable of being used to validate the 
digital signature; and 

e) enabling the digital certificate to be associated with the 
electronic document. 

106. The method according to claim 103, further... 

.cash from the ATM. 

1 1 6. A method comprising: 

a) producing a plurality of digital certificates for a plurality of 
individual customers, wherein each individual customer is 
associated with an account; 

b) associating the accounts of the individual customers with the 
corresponding digital certificates of the individual customers; 

c) producing at least one card for each of the individual... 

.1 9. The method according to claim 116, wherein in step (a) each 
digital certificate includes a public key that corresponds to a 
private key, wherein in step (c) the... 

.digitally signed responsive to the private key that corresponds to the 
public key of the digital certificate which is associated with the 
account of the individual customer using the machine. 
120. The. . . 
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Detailed Description 

Increasingly self service machines are being provided with the 
capability of accepting a 

user's smart card . Smart cards include a memory thereon which has 
data 

representative of monetary value. Instead of assessing a... 

. . .monetary value from the value represented by data in the memory of the 
user ' s smart 

card . Cash receiving and dispensing capability has generally not been 
provided machines such as those described. . .provided by interaction of 
the 

controller with a replaceable plug-in memory such as a smart card . 
Various 

forms of user interfaces may also be provided to simplify and facilitate 
operation of... Cards 18 may be various types of cards such as credit 
cards, debit cards or smart cards which include information for 
identifying the user and/or their accounts. 

User interface 14 of... cards may also be employed with the machine. Such 
cards include varieties of so called " smart 

cards " which include a programmable memory with data thereon. Such data 
may include information about the. . . 

. . . date . hi one 

exemplary embodiment the plug-in memory 38 may be supported on a smart 

card . The plug-in memory '3 8 may include one or more promotional items 
which are... in the plug-in memory 3 8 which in the described exemplary 
embodiment is a smart card , includes a promotional message as well as 
time parameters associated with the promotional message. Thus... 

...Because the exemplary embodiment enables the presentation of 

promotional messages selectively by simply plugging a smart card into 
an 

associated connector 36, the promotional messages may be changed readily 
and inexpensively from. . . 

. . . For example the 

merchandising establishment or entities sponsoring promotional events may 
provide promotional messages on smart cards to operators of the 
machine 10. 

The operators of the machines 1 0 may plug. . . 
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...understood that while in the exemplary embodiment the 

plug-in memory 3 8 includes a smart card , other embodiments may 
include 

other types of memory devices. These may include for example floppy... 
regardingtransactionsonacardorotherobject . Suchtransactiondatamaybe 
stored for example on a magnetic stripe card or in memory on a smart 
card . 

Alternatively merchant users may have contactless cards or tokens which 
are electronically or magnetically programmable ... be understood that 
embodiments may read various types of cards such as magnetic stripe 
cards, smart cards , cards with optical or other types of indicia. 
Output devices in the exemplary user interface... 
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... in operative connection with the ATM such as a floppy disk, CD, 

magnetic stripe card, smart card , or any other portable medium that 
the diagnostic interface is operative to access through the... 
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.embodiment of the authentication system, the 

diagnostic interfaces 40 may include a secret password or digital 
certificate which may be used by the diagnostic interface to determine 
if an application is allowed. . . 

.interface may then authenticate the digital signature associated with 
the communication using one or more digital certificates and/or 
public keys stored in operative connection with the diagnostic interface. 
When the digital... 

.In a further exemplary embodiment, the diagnostic application may be 
required to send a valid digital certificate to the diagnostic 
interface prior to being granted access to the transaction function 
device. The digital certificate may be validated by the diagnostic 
interface using a trusted public key of a certificate authority that 
issued the digital certificate . The digital certificate 
may also be evaluated by the diagnostic interface to determine if it has 
expired. When the digital certificate has expired or is otherwise 
invalid, the 

I 0 exemplary embodiment of the diagnostic interface... 
.be operatively 

programmed to return a message to the calling application which indicates 
that the digital certificate is not valid and access to the 
transaction function device is denied. In further exemplary. . . 
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Detailed Description 

... identify and authenticate the provider. 

Other means of identification and authentication include the use of " 
smart cards " or biometric samples, both of which are well, known in 
the art. Methods for making smart cards are described in U.S. Patent 
No. 5,955,021 and references therein. A typical method for using smart 
cards is described in U.S. Patent No. 5,983,273, and biometric sample 
(also known ... 
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. . . is in operative connection with storage read/write devices 

such as a floppy disk drive, smart card drive, flash memory drive, or 
any other device that is operative to read and write... to charge the fee 
to an account associated 

with a credit card, debit card, or smart card for example. For ATMs 
that 

include a currency accepting device, the ATM may be operative ... may be a 
bank card, credit card, 1 5 debit card, gas card, merchant card, smart 
card , or other medium that is operative to store account data and/or 
other information which... some embodiments of the present invention 
include 

credit cards, bank cards, debit cards, merchant cards, smart cards , 
or any other 

portable medium that can store account or user information and/or data... 
in one or more data stores. This credit information may be stored 
locally on a smart card or other item, at the ATM or remotely in a 
computer 

such as a financial... 

...The portable sound player would only be operative to play the sound 
file if the digital certificate corresponds to a unique code or 
certificate associated with the portable sound player. Also the... 
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Detailed Description 

... bill; and card readers are improved .so they can work with magnetic 
stripe cards and smart cards . 

As long as the basic functionality of a new device is the same as a... a 
personal ATM. 

It is a further object of the present invention to provide a smart 
card 

operated as a personal ATM. 

It is a further object of the present invention to... any small portable 
computing device such as a notebook computer, 

cell phone, PDA, pager, or smart card . The personal nature of this 
embodiment allows an individual to store a plurality of their... 
infon-nation stored in. personal ATMs. 

Figure 15 schematically represents a personal ATM on a smart card 
that is operative to use the input and output devices of a notebook 
computer to'- . . 

. . .with services of a host ATM. 

Figure 19 schematically represents a personal ATM on a smart card 
that is operative to perform banking transactions with services of a host 
ATM . 

Figure 20 . . . 

...first activated. 

Figure 21 schematically represents the process of using a personal 
ATM on a smart card when the personal ATM is first activated. 

Figure 22 schematically represents the process of withdrawing ... as an 
attached PC card modem, and a card reader service 512 such as a smart 
card reader. The printer service can be used to print banking 
transaction receipts or even full... 
...purchases of goods or services. The card reader service 512 can provide 
access to a smart card for storing electronic money, or 1 5 to read 
the account inf ort-nation from a. . . 

. . . displays and 

input devices. However, the present invention also encompasses other 
computing devices such as smart cards which do not have displays and 
input 
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Transfer Amount Menu 

Usinj . . . 

.Account 

Bank B Checking Account 94 0 
Bank C Savings Account 
Money Market 

e-money, on smart card (local Device) 
e-money on smart card (Host ATM: Bank 2) 
e-money local (encrypted storage) 
Select Item 
U 

Withdrawal Amount Menu. . . 
. Menu 

Bank B Checking Account 
Bank C Savings Account 950 
Money Market 

e-money on smart card (local Device) 
e-money on smart card (Host ATM: Bank 2) 
e-money local (encrypted storage) 
Select Item 
13 

Deposot FromMenu 

952/. .Checking Account 

Bank C Savings Account -06962 

Bank D Debit Card Account 

e-money on smart card (local Device) 

e-money local (encrypted storage) 

Select Item 

a 

Payment Validation Menu 
Pay $150. . . 

.B Checking Account 

Bank C Savings Account 

Bank D Debit Card Account 

e-money on smart card (local Device) 

e-money on smart card (MD Pan-nacy X) 

e-money local (encrypted storage) 

Select Item 

Validate Payment Menn 

— 976. . . 
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Increasingly self service machines are being provided with the 
capability of accepting a user's 

smart card . Smart cards include a memory thereon which has data 
representative of monetary value. Instead of assessing a... 

. . .monetary value from the value represented by data in the memory of the 
user's smart card . 

Cash receiving and dispensing capability has generally not been 
provided in most self service and... are provided by interaction of the 
controller with a replaceable plug-in memory of a smart card or 
similar device. Various forms of user interfaces may also be provided to 
simplify and... types of cards may also be employed with the machine. Such 
cards include so called " smart 

cards which include a programmable memory with data thereon. Such data 
may include information about the... date. In one 

preferred embodiment the plug in memory 38 may be supported on a smart 

card . The memory may include one or more promotional items which are 
promoted only during certain... in the plug in memory which in the 
described fonn of the invention is a smart card , includes a 
promotional message as well 

as time parameters associated with the promotional message. Thus... 

...form of the invention enables the presentation 

of promotional messages selectively by simply plugging a smart card 
into an associated connector, the promotional messages may be changed 
readily from 
outside the machine... 

...For example the merchandising 

establishment or entities sponsoring promotional events may provide 
promotional messages on smart cards to operators of the machine. The 
operators of the machines may plug the cards into. . . 

. . .be understood that while in the exemplary embodiment the 

plug in memory element includes a smart card , other embodiments may 
include other types of plug in memory devices. These may include for... 
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encoding other readable indicia on the card. 

Alternatively, if the customer's card is a " smart " card which 
includes 

semiconductor storage thereon, the URL address associated with the 
customer may be included. . . 
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... re strongly pursuing, " Congemi said. When a customer wishes to make 

a Web purchase, a digital signature — generated by bank-provided chip 
cards or software — is transmitted along with the customer ' s ATM card* 
number to the merchant processor. The digital signature is validated 
using the customer's public key, which is kept on file by Star... 
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... real-time reporting of votes. 

EMMA will support the use of passwords, personal identification 
numbers, digital certificates , digital signatures , and biometrics 
to identify voters. The ATM also will be able to display candidates 1 
photographs and biographic information. All aspects of the. . . 

16/3, K/3 (Item 3 from file: 16) 

DIALOG (R) File 16: Gale Group PROMT (R) 

(c) 2005 The Gale Group. All rts. reserv. 

08311832 Supplier Number: 69698271 (USE FORMAT 7 FOR FULLTEXT) 
ATMs Get a Boost From the Election Snafu. 
Credit Card Management, vl3, nlO, p8 
Jan, 2001 

Language: English Record Type: Fulltext 
Document Type: Magazine/ Journal ; Trade 
Word Count: 551 

... any central election data center. 

EMMA will support the use of passwords, personal identification 
numbers, digital certificates , digital signatures , and biometrics 
to identify voters. The ATM also will be able to display candidates 1 
photographs and information about the candidates. All aspects... 
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... In fact, we will soon be making an announcement about a major 

agreement to include smart cards into multi-application cards: credit, 
ATM , loyalty cards that could include digital signatures or even 
fingerprint reading. " 

Cards for GPS and third-generation wireless cell phone products will 
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. . . are very high . " 

Another regional EFT network Internet debit solution being tested is 
Internet Secure ATM Payments (ISAP). The system would require consumers 
to use a smart card and a reader, linked to their PC, to generate a 
digital signature , which would authorize an Internet purchase with their 
ATM card. Participants in the effort at... 
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Maestro (Mastercard) plus Citigroup and the National Automated 
Clearing House Association (NACHA) . Called Internet Secure ATM Payments 
(ISAP), the solution would require consumers to use a smart card and a 
reader; linked to their PC, to generate a digital signature , which 
would authorize an online purchase with their ATM card. 
"Instead of using their PIN... 
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... introduction this year of the Blue -card. 

Another- way of authenticating customers, with or without smart 
cards , is digital signature and certificate technology. The ATM 
network Star Systems, Citibank, and several others . joined a National 
Automated Clearing House Association project. . . 
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... a full-fledged public key infrastructure with digital credentials. 

Activcard sells the package as an " ATM -like process" with smart card 
readers. Entry of "a personal identification number generates a digital 
signature for secure network access. 

Activcard Inc. president Tom Arthur said that the Activcard-Entrust 

is . . . 
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applications . 

By embedding the complexities of strong authentication using one-time 
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use dynamic passwords and digital signature -technology behind an 
interface as well-known as the ATM and combining this with the security 
and portability of a smart card , ActivCard Gold and 0racle8i are 
enabling next generation Internet applications such as e-commerce to. . . 
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historically worked closely with Diebold, was an early Certicom 
licensee. Last year it demonstrated a digital signature operation on a 
smart card . Verifone uses the Certicom cryptosystem in its Personal ATM 
, a hand-held smart card reader that can hook into telephone lines. 
"Diebold is a highly credible company, and that... 
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into smart cards will allow consumers to take that card to any 
computer or automated teller machine ( ATM ) , log on, and conduct 
banking transactions. Digital Signatures On Smart Cards 

"Smart cards are a huge boom to the use of digital signature and 
digital certificates," says Greg Smirin, group product manager at Mountain 
View, Calif. -based Verisign... 
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... years. By fall, Maher says trials might involve applications that 
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include a Mondex purse, a digital signature and physical door access. 

The popularity of smartcards also hinges on the availability of PC, 

ATM and POS readers, as well as back-end merchant and bank systems. Gary 
O'Neall. . . 
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such as medicine, transport, finance, energy and manufacturing 
which depend on international data interchange. 

The electronic signature devices will need to combine digital 
signature , smart card , and multi-application technology. 
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require a peripheral attachment to the personal computer at which 
the user is "signing" the electronic document. This device could accept 
a smart card containing the digital signature , along with other 
transaction data. Standard encryption methods would bind the digital 
signature to the... 
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...introduction this year of the Blue card-. 

Another way of authenticating customers, with or without smart cards , 
is digital signature and certificate technology. The ATM network Star 
Systems, Citibank, and several others joined a National Automated Clearing 
House Association project. . . 
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...a full-fledged public key infrastructure with digital credentials. 
Activcard sells the package as an " ATM -like process 11 with smart card 
readers. Entry of a personal identification number generates a digital 
signature for secure network access. 

Activcard Inc. president Tom Arthur said that the Activcard-Entrust is... 
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... a full-fledged public key infrastructure with digital credentials. 

Activcard sells the package as an " ATM -like process" with smart card 

readers. Entry of a personal identification number generates a digital 

signature for secure network access. 

Activcard Inc. president Tom Arthur -said that the Activcard-Entrust is 



16/3, K/18 (Item 1 from file: 647) 

DIALOG (R) File 647 : CMP Computer Fulltext 
(c) 2005 CMP Media, LLC. All rts. reserv. 



Sylvia Keys 



16-Jun-05 08:31 AM 



01130840 CMP ACCESSION NUMBER: NWC19970701S001T 

Can Smartcards Unlock Electronic Cash Vaults? (Context - Background news 
analysis) 

Christy Hudgins-Bonaf ield 

NETWORK COMPUTING, 1997, n 812, PG24 

PUBLICATION DATE: 970701 

JOURNAL CODE: NWC LANGUAGE: English 

RECORD TYPE: Fulltext 

SECTION HEADING: Business Trends 

WORD COUNT: 1103 

... years. By fall, Maher says trials might involve applications that 

include a Mondex purse, a digital signature and physical door access. 

The popularity of smartcards also hinges on the availability of PC, 
ATM and POS readers, as well as back-end merchant and bank systems. Gary 
O'Neall. . . 
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TEXT: 

...recipient of online transactions to verify themselves and each other, 
most commonly by attaching a " digital certificate " or some other form 
of digital .signature , which could even be an electronic fingerprint. 
"These are the technologies of the future," says... 

...Corp., which launched its secured access-control service to corporate 
customers early last year. PKI, digital certificates The necessary 
infrastructure for user authentication, known as public key infrastructure, 
or PKI, consists of two security "keys." One is the public key (the 
digital certificate ) , which is either downloaded from a browser or 
called up from a hard drive and... 

...RSA key, after RSA Security Inc., the company whose subsidiary is the 
market leader in digital certificate supply. The private key sits on 
the hard drive of a computer and, when activated. . . 

...York-based Deloitte & Touche LLP, part of global consultancy Deloitte 
Touche Tohmatsu, says PKI and digital certificates solve the 
overlapping problems of safeguarding privacy and security. "Pursuing 
customer confidentiality has become a. . . 

...a significant book of corporate customers with transactions of more than 
$1 million are deploying digital certificate technology. Typically, the 
financial institution provides customers with the necessary hardware and 
software to access... 

...country's largest bank with 30 million retail and 2 million business 
customers, rolled out digital certificates in January last year to 400 
online customers of Bank of America Direct, the bank. . . 

...in charge of authentication services at BofA, while declining to offer 
specific figures-. Hicks says digital certificates allow BofA Direct 
customers to conduct secure transactions with the bank and its customers, 
and. . . 

...supplier Cisco Systems Inc. of San Jose, CA. It will allow Cisco to 
verify the digital certificates of its customers using the bank 
network, thus generating an additional source of revenue for. . . 

...founding member of Identrus, a global trust organization formed last' 
year to provide authentication for digital certificates . Other Identrus 
founders include ABN AMRO, Bankers Trust, Barclays Bank, Chase Manhattan 
Bank, Citigroup, Deutsche ... of the founding banks. But some bankers and 
security analysts point out that the PKI- digital certificate system has 
security weaknesses. They say the private key can still be reached by a..'. 
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. . .Blue hold a microchip that can store data, digital cash, and a private 
key and digital certificate . The chief advantage is that the user takes 
the key out of the computer and. . . 

...wider applications of the smart card, Hicks of BofA says. These include 
storing and sending digital certificates and downloading digital cash 
as well as making credit, debit and ATM transactions. The $633 billion 
bank advocates storing users' fingerprint templates on individual smart 
cards for. . . 
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. . . banks, brokerages and other service providers to secure their 

retail customers 1 e-commerce transactions using digital signatures . 
CeloCom Web lets anyone register, install and use X.509 digital 
certificates from leading certificate issuers as quickly and easily as 
activating and using an ATM card, creating more secure transactions and 
opening the door to a wider array of e. . . 
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and Microsoft IIS web pages and enabling the smart card-based use 
of popular PKI digital certificates and private keys with Microsoft 
Internet Explorer and Outlook. ActivCard Gold enables Windows login to 
become "smart card. . . 

...security to the overall system and provides users with the simple 
experience of using an ATM when logging into their Windows Workstation. 
"We are at the cusp of an evolutionary change... 
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TEXT: 

...our customer's business requirements" said Mr. Morris. "With our 
expertise in Public Key Cryptography, Digital Certificates and 
Certificate Authority software, Cylink will continue to release products 
that solve urgent information security. . . 

. . .All SecureAccess products use the Data Encryption Standard (DES) for 
high quality security and the Digital Signature Standard (DSS) for 
authentication with X.509 certificates. X.509 is the emerging international 
and. . . 

...area networks (WANs), public packet switched networks (such as the 
Internet) and Asynchronous Transfer Mode ( ATM ) and Frame Relay networks. 
Headquartered in Sunnyvale, California, Cylink' s customers include Fortune 
500 companies . . . 
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... real-time reporting of votes. 

EMMA will support the use of passwords, personal identification 
numbers, digital certificates , digital signatures , and biometrics 
to identify voters. The ATM also will be able to display candidates' 
photographs and biographic information. All aspects of the... 
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...completes a very vital link in our design, " PKI security is based on 
mathematical keys - digital certificates - to authenticate customers, 
provide digital signatures and assure information integrity and 
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confidentiality. NCR signs European trio to pilot iris ID NCR. alliance 
between CBA and Woolworths, due to be launched early next year. Diebold 
unveils enhanced ATM features DIEBOLD HAS developed new automated teller 
machine ( ATM ) features that allow deployers of the machines to cross-sell 
services through personalised, onscreen marketing. . . 

...Diebold senior director of worldwide marketing Thomas Swidarski. "Our 
one-to-one marketing concept allows ATM deployers to use their existing 
customer database for information that can help them target a specific 
message to the consumer at the ATM , " he added. Diebold 's one-to-one ATM 
marketing concept uses the waiting time of a standard ATM authorisation 
period to display interactive messages to consumers about products and 
services. As it works in conjunction with an ATM deployer ! s customer 
information database, the system allows institutions to customise the 
advertising message depending upon demographics, existing account 
relationships or retail buying habits. A bank customer using an ATM 
during the holiday season, for example, might be shown a promotion for debt 
consolidation loans on one transaction, while the frequent ATM user next 
in line, who is not a bank customer, might read about a new checking 
account that waives ATM transaction fees. Customers may also be prompted 
to respond to onscreen questions, which may even... 

. . .marketing departments for proper follow-up. As it runs during the 
waiting phase of the ATM transaction, one- to-one marketing does not 
delay transaction times or create long waiting lines... 

... is offered can do so by answering in the negative to the onscreen 
prompts. For ATM deployers, the system provides a tracking capability 
that allows them to monitor the success of the ATM marketing programme. 
It can also be configured to dispense a coupon from the ATM receipt 
printer as a way to reinforce a message. Swidarski said, that the technology 
has two big attractions for Diebold 1 s clients. "It not only helps ATM 
deployers build customer loyalty but it provides them with a 
revenue-generating advertising medium that . . . 
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have guessed that the geographic spread of Utah was a contributor 
to the spread of digital signatures . Indeed, Utah's state government 
passed legislation in 1995 recognizing digital signatures as a legal 
means to authenticate electronic communications-the first government body 
to do so . . . 

...progressive in this area. "Utah is spread out geographically," explains 
Jon Matonis, vice president of Digital Signature Trust Company (DST) in 
Salt Lake City, UT. "It didn't make sense to drive... 

...in Salt Lake City." So the state of Utah sought to create a system of 
digital signatures to accompany the electronic filing of court. 
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documents. To which organization did the state turn... 

...the technology to motor vehicle registrations and state health care 
processing and filings, as well. Digital signatures can be applied 
"anywhere there's a paper-based process," Matonis notes. But digital 
signatures can only be applied in conjunction with certificate authorities 
(CAs), which are independent organizations that guarantee the authenticity 
of digital signatures . Many think that those third party CAs should be 
banks, since they have been in... 

...take on the challenge of being a CA. Zions formed DST last year to 
provide digital signature authentication and certification. Impetus for 
the initiative came directly from Zion's CEO and president... 

...serve as part of Utah's E-Commerce Group, a consortium formed to 'develop 
a digital signature system for the state. Ultimately, Zions is betting 
that its involvement in digital signatures today will ensure it a 
steady stream of fee income tomorrow. In its 1996 annual... 

...investment in creating DST, the subsidiary already is staffed up with 22 
employees. In providing digital certificate services, Zions and DST 
intend to compete head-to-head against other established CA service ... would 
like to use them on an outsourcing basis. By contracting with a number of 
digital certificate software providers, Zions is able to offer different 
levels, types and formats of digital certificate security. For example, 
customers wanting to employ only SET (Secure Electronic Transaction) 
certificates, would contract to use GlobeSet via DST's service bureau. 
Customers wanting a digital certificate stored on a hardware token 
would be directed to the Xcert product. Customers are able... 

...In the world of electronic commerce, you need a trusted third party to 
identify a digital signature , " says Jay Simmons, vice president of 
CertCo. "That, third party is banks. Who knows more... 

...has been reviewing the technology for about two years. "We got our first 
taste of digital certificate technology as part of Visa's early SET 
pilots," says Parker Foley, vice president of... 

...Currently, First Union has a pilot project underway with the state of 
Georgia to enable digital signatures on quarterly tax filings from 
mortgage lenders in the state. "We've begun to explore... 

...usage, then extend to business banking, brokerage, and wire transfers, 
he says. One advantage of digital certificates First Union has found is 
the simplicity of use they offer customers. First. Union's home banking 
environment currently requires three different passwords for access, Foley 
notes. "With the digital certificate , only one password is required." 
Across town, NationsBank, of Charlotte, NC, recently inked an agreement 
with Verisign for it to issue digital certificates for its global 
corporate and investment banking customers. NationsBank will begin 
deploying digital certificates for those customers in early 1998 for 
use with NationsBank Direct (SSM) , an .Internet-based. . . 

...foreign currency payments, receipts, treasuries, foreign exchange, trade 
finance, investments and borrowing. NationsBank will issue digital 
certificates under its own brand, while Verisign will manage the 
processing services associated with being a. . . 

...pay for secure transaction capabilities online than are retail 
customers." NationsBank also plans to introduce digital certificates 
for employees this year. The certificates will be used for electronic 
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employee identification badges, as. 



...There's good reason why banks like NationsBank and First Union are 
taking advantage of digital certificates , but not moving full steam 
ahead to become CAs themselves. It can be tough being... Even more messy: 
"CAs need to take extensive technical and operational security precautions. 
If the private keys of a CA are compromised, all of the certificates 
issued by the CA immediately become... 

...can benefit greatly by taking on leadership roles and becoming CAs. The 
key role of digital certificates in banking hinges on brand loyalty and 
the customer relationship, he says. This essentially will ... analyst at 
Piper Jaffray, Minneapolis. "They can then package together additional 
services. Dedicated non-bank ATM companies, like Triton, can't package it 
all like that." Broad business base With all... 

...and institutions want an alternative." <SS>Types Of Certificate 
Authorities Universal CAs Universal CAs issue digital certificates that 
are designed to be used as widely as possible. Today, there are very few 
universal CAs in operation that issue digital certificates . There are, 
however, a number of universal CAs that issue paper certificates, the best 
example . . . 

...universally accepted as proof of identification. While the government 
does not issue the equivalent of digital certificates today, it is a 
safe bet that it will do so. Indeed, the U.S... 

...issue paper cerificates (or in this case, plastic certificates) and have 
plans to begin issuing digital certificates . Other firms, such as the 
start-up Verisign, are also attempting to establish themselves as... 
certificates gives Citibank the freedom to customize and improve its 
services quickly. <SS>NACHA Tests Digital Certificates <BI>By David 
Stahl A pilot that the National Automated Clearing House Association and 
five . . . 

...York and Verisign of Redwood City, CA, all of which market their own 
version of digital certificates . Each of the five banks has teamed with 
one or more technology vendors, and each team is running its own test. 
Under the pilot, the banks will hold digital certificates for their 
retail and merchant customers. The digital certificate authorities want 
to make certain that a customer's digital certificate", held at Bank X, 
really belongs to that customer. This verification enables the merchant to 

...on this relationship for the Internet." NACHA designed the pilot because 
it recently ruled that digital signatures have the same legal 
properties as physical signatures. In addition, Netscape's latest version 
of . . . 

...documents. In fact, this signature feature is part of the NACHA pilot. 
Aside from issuing digital certificates , the participating banks will 
maintain files with certificate numbers, expiration dates and other 
pertinent data. . . 
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IS SET USEFUL TO THE NON-US WORLD? 

(SET (Secure Electronic Transactions) protocol has been proposed by 
Mastercard and Visa as the preferred method of operating electronic 
commerce via the Internet; main technology participants are all US-based) 
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ABSTRACT: 

...access to the credit card details, and 



the cardholder cannot deny having authorised the purchase. Digital 
certificates and digital signatures are used to achieve the first 3 
items, and are intended to address the last item. Credit card details are 
not directly included in the digital certificate or payment message, 
but are made available, through encryption, to a SET payment gateway, which 
verifies the digital signature before passing the payment message onto 
an acquiring bank, perhaps though the existing Mastercard or Visa 
networks. Current digital signature technology is based on Public Key 
encryption, of which RSA is the most well known. . . 

...cryptography is more computationally expensive than the symmetric key 
DES encryption used in today's ATM 1 s and PINpads . A digital signature 
is created by using the Private Key associated with the cardholder digital 

certificate . However, in the non-US world, the comparatively low number 
of banks per country meant... 

TEXT: 

...payment message onto an acquiring bank, perhaps though the existing 
Mastercard or Visa networks. 



Current digital signature technology is based on Public Key encryption, 
of which RSA is the most well known. . . 



...than the symmetric key DES encryption used in today's ATM 1 s and PINpads. 
A digital signature is created by using the Private Key associated" with 
the cardholder digital certificate . 



The US perspective: 



The US is reported to have around 17,000 banks. In this... 
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EMMA will support the use of passwords, personal identification numbers, 
digital certificates , digital signatures , and biometrics to identify 
voters. The ATM also will be able to display candidates 1 photographs and 
information about the candidates. All aspects..'. 
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duty of care upon a subscriber than that imposed on the holder of 
credit or ATM card. Draft laws al-so suggest persons who intentionally or 
negligently disclose private keys should be held liable to a higher 

standard than those responsible for involuntary disclosure. 
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TEXT: 

...was on display at the RSA Conference in 

San Diego last month, where manufacturers of digital certificates 
technology that ensures safe wireless transactions - unveiled a batch 
of freshly-baked promises and solutions... 

...transactions with it," says Nagy Moustafa, president of 
Toronto-based Diversinet [DVNT] , a developer of digital signature 
technology. 

"The explosion of wireless e-commerce has resulted in the 
explosion of wireless security. . . 
. . .delivering advanced 

security technology to service providers in Europe, notably Finland. 

The technology used with digital certificates in wireless 

devices for ecommerce is much more complicated than the " ATM and pin 

number" method, says Jeremy Wyant, a senior technologist for 

CyberTrust . 

Last month, Sonera. . . 

...CyberTrust technology. The device will be first 
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implemented for Sonera SmartTrust . 



Undeniable E-Commerce Proof 

Digital certificate technology enables users to digitally sign a 
document, which in certain jurisdictions, creates a legally. . . 

...provides security for wireless devices by giving users a passport 
that identifies them, to include digital certificates for the wireless 
Palm Operating System. 

In addition, Diversinet's permit server, a product that... 

...the user credit for electronic transactions, is now available. 
Moustafa says Diversinet's devices, and digital certificates in 
general, will enable consumers to enact transactions on PDAs, handsets 
and pagers . 

He says s digital certificate 

technology. 

In terms of the usage of wireless security, Finland is a leader 
among the . . . 



21/3, K/12 (Item 2 from file: 696) 

DIALOG (R) File 696: DIALOG Telecom. Newsletters 
(c) 2005 The Dialog Corp. All rts. reserv. 

00703317 
Security Notes 

Telecom & Data Network Security 

December 01, 1999 VOL: 7 ISSUE: 12 DOCUMENT TYPE: NEWSLETTER 
PUBLISHER: BRP PUBLICATIONS 

LANGUAGE: ENGLISH WORD COUNT: 7 98 RECORD TYPE: FULLTEXT 

(c) BRP PUBLICATIONS All Rts. Reserv. 

TEXT: 

...Consumers participating in the pilot use a private key to generate 
digital signatures . When buying an item online, the consumer offers an 
ATM card number and digitally signs an electronic authorization form 
rather than enter a personal identification number. The consumer's 
financial institution would verify the digital signature for merchant 
confirmation, and the customer's checking account would be 'debited through 
a participating ATM network. Pilot participants will conduct technical 
tests using digital certificates late this year and begin making online 
transactions next spring. . . 
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TEXT: 

...networking systems, and Diebold Inc. [DBD] , a Canton, Ohio-based 
manufacturer of automated teller machines ( ATM ) , have entered into a 
service agreement to provide a single-source communications package 
developed exclusively. . . 

...Diebold will combine TimePlex's SYNCHRONY IAN-150 frame relay 
access switch products with Diebold ATM platforms. The frame relay 
equipment will provide greater networking bandwidth and enable a more 
efficient delivery of advanced features such as full-motion video for 
advertising at the ATM or digital security images taken at the ATM 
site . 

The agreement also allows Diebold to provide an integrated 
package of communication services to. . . 

. . . subsidiary, Algorithmic 

Research, provide encryption-based network security solutions. The 
SFU-L encryptor uses the digital signature standard-based digital 

certificate system to positively identify other Cylink frame relay 
encryptors before making a connection. Once a... 
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NORTH CANTON, Ohio, March 11 /PRNewswire-FirstCall/ - Diebold today 
announced support for the industry transition to triple DES encryption, 
which 

is used to protect personal identification numbers (PINs) during automated 
teller machine (ATM) transactions. To help financial institutions comply 
with 

the new requirements, Diebold is offering new encrypting pin pad (EPP) 
solutions for use in its ATMs worldwide. EPPs are designed to meet the 
requirements for PIN encryption as well as the requirements for a tamper- 
resistant security module. EPPs will support a variety of keypad 
configurations to meet the needs of financial institutions and various 
regulatory requirements . 

(Photo: http: //www . newscom . com/cgi-bin/prnh/2 000 0608 /DIEBLOGO ) 
In addition to helping financial institutions comply with the 
requirement 

for unique DES encryption keys in every ATM, Diebold. is adding the ability 
to 

remotely load DES keys into the encrypting pin pad using the banks existing 
ATM driving software. This capability, known as remote key transport, 
eliminates the need for personnel to visit each machine to manually load 
DES 

keys. Remote key transport uses public key cryptography to protect the 
keys 

during transmission from the host to the ATM. It also supports digital 
certificates provided by Digital Signature Trust of Salt Lake City, Utah, 
to 

authenticate the host and the ATM to one another, and to protect against 
unauthorized computers from gaining access to the DES keys. This is the 
first 

time public key cryptography and digital certificates have been used 
together 

to simplify DES key loading while providing a high degree of security. 

An important safeguard for remote "key transport is the use of digital 
certificates in the process. "Digital certificates have proven to offer a 
high 

degree of security and privacy across the entire spectrum of networks," 
said 

Scott Schrader, financial services group president for Digital Signature 
Trust. "These device certificates provide a means to protect the exchange 
of 

data on a financial institutions self-service network." 

. Remote key transport reduces the expense and complicated logistics 
required to load keys in ATMs. Simplifying the process will make key 
management, including routine changes to the keys, easier for institutions. 

"With remote key transport, DES keys can be changed anytime an 
institution 

feels it is necessary," said Dean D. Stewart, director of Diebold's Product 
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Management group. "Unique keys in every ATM and the use of triple DES 
encryption significantly increases the difficulty of compromising ATM 
transactions . " 

About Digital Signature Trust 

With its flagship TrustID digital certificate solutions program, 
Digital 

Signature Trust (DST) provides a high level of risk management available 
for 

private and trusted e-business transactions. TrustID is the only 
certificate 

sponsored by the American Bankers Association and the Mortgage Bankers 
Association of America. The TrustID Certificate Policy provides the 
foundation for truly interoperable digital identity credentials, giving 
institutions and businesses, their constituencies and their business 
partners 

one universally accepted digital certificate that simplifies and 
streamlines 

their e-business processes and transactions, making them trusted and 
secure . 

Acting as the trusted third party, DST provides managed digital certificate 
services so businesses can integrate digital signatures into their 
e-business 

applications quickly and efficiently, virtually eliminating the risk of 
identity fraud. DST is a subsidiary of Zions First National Bank. For more 
information, visit www.trustDST.com . 

COMPANY NAMES: Diebold , Incorporated ; Digital Signature Trust 
GEOGRAPHIC NAMES: AMERICAS; NEW YORK; NORTH AMERICA; OHIO; USA 
INDUSTRY NAMES: FINANCIAL SERVICES; ATMS; BANKING; BANKING AUTOMATION; 

COMMUNICATIONS TECHNOLOGIES; COMPUTER SECURITY; COMPUTERS; CORPORATE; 

ELECTRONIC COMMERCE; INSTITUTIONS; INVESTMENT; SECURITY; STOCKS AND 

SHARES 

EVENT NAMES: CORPORATE GROUPS AND OWNERSHIP; MANAGEMENT PROCEDURES; 
ORGANISATIONS AND INSTITUTIONS; STOCKS AND SHARES 
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PRODUCT NAME: payShield (193062) 

nCipher Corp Ltd (657921) 

Jupiter House Station Rd 

Cambridge, UK CB1 2JD United Kingdom 

TELEPHONE: ( ) 122-3723600 

RECORD TYPE: Directory 

CONTACT: Sales Department 

nCipher's payShield (TM) is a hardware security system that processes 
electronic payments. It allows banks, payment processors, and merchants to 

support Visa 3-D Secure and MasterCard SecureCode cryptographic 
requirements. The system provides users with cardholder authentication and 
FIPS 140-2 Level 3 protection features. payShield handles a wide range of 
EMV smart card and ATM PIN functions. The system protects cardholder 
passwords and other personal data. It . creates digitally signed approvals 
for merchants. payShield offers users SCSI and Ethernet connectivity, 
options. It can be customized to support special encryption, decryption, 
and digital signature functions. 

DESCRIPTORS: ATMs; Banks; Credit Cards; Digital Signatures ; E-Commerce 
; E-Payment; Encryption; Financial Institutions; Internet Security; 
Retailers; Smart Cards ; System Monitoring; User Identity Management. 

HARDWARE: Hardware Independent 
OPERATING SYSTEM: Open Systems 
PROGRAM LANGUAGES: Not Available 

TYPE OF PRODUCT: Mainframe; Mini; Micro; Workstation 
POTENTIAL USERS: Cross Industry 
PRICE: Available upon request 

REVISION DATE: 20040311 

13/5/2 (Item 1 from file: 2) 

DIALOG (R) File 2:INSPEC r 

(c) 2005 Institution of Electrical Engineers. All rts. reserv. 

4896922 INSPEC Abstract Number: C9504-7 120-016 
Title: Digital payment systems in the ESPRIT project CAFE 

Author (s): Boly, J. -P.; Bosselaers, A.; Cramer, R.; Michelsen, R. ; 
Mjolsnes, S.; Muller, F.; Pedersen, T.; Pfitzmann, B.; de Rooij, P.; 
Schoenmakers, B.; Schunter, M. ; Vallee, L.; Waidner, M. 

Author Affiliation: PTT Res. Neher Labs., Leidschendam, Netherlands 

p. 35-45, 337 

Publisher: M. C. I . -Manifestations et Commun. Int, Paris, France 
Publication Date: 1994 Country of Publication: France 357 pp. 
Conference Title: Proceedings of Securicom 1 94 

Conference Date: 1-2 June 1994 Conference Location: Paris, France 
Language: English ■ Document Type: Conference Paper (PA) 
Treatment : General, Review (G) 

Abstract: CAFE ("Conditional Access for Europe") is an ongoing project in 
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the European Community's ESPRIT program. Its goal is to develop innovative 
systems for conditional access, and in particular, digital payment systems. 
Its basis are smartcards and small portable devices called electronic 
wallets, whose outlook is quite similar to pocket calculators or PDAs 
(personal digital assistants) . An important aspect of CAFE is high security 
of all parties, with the least possible requirements that they are forced 
to trust other parties. Moreover, both the electronic money issuer and the 
individual users are less dependent on the tamper-resistance of devices 
than in usual digital payment systems. An important tool are digital 

signatures (public-key cryptology) . Since CAFE aims at the market of 
small everyday payments that is currently dominated by cash, payments are 
offline, and privacy is an important issue. If deemed necessary, an upper 
limit on the amounts that can be paid in this cash-like way can be fixed. 
Other features that the CAFE payment system offers are: open architecture 
and system, loss tolerance, and different currencies. The aim is to 
demonstrate a set of the systems developed in one or more field trials at 
the end of the project. (15 Refs) 
Subfile: C 

Descriptors: authorisation; data privacy; EFTS; notebook computers; 
public key cryptography; research initiatives; smart cards 

Identifiers: digital payment systems; ESPRIT project; CAFE; Conditional 
Access for Europe; smartcards ; portable devices; electronic wallets; 
security; electronic money; tamper-resistance; public-key cryptology; 
digital signatures ; offline payments; privacy; cash limits; open 
architecture; loss tolerance; currencies; field trials 

Class Codes: C7120 (Financial computing); C6130S (Data security); C0230 
(Economic, social and political aspects of computing); C5430 ( 
Microcomputers ) 

Copyright 1995, IEE 



13/5/3 (Item 1 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09238434 

A chip off the old block 

UK: GROWING POPULARITY OF SMART CARDS 
Banking Technology (BTY) Feb 2000 p. 25, 27-8 
Language: ENGLISH 

Following the introduction of debit, credit and cash machine smart cards 
to the UK in Spring 199*9, the full roll-out is expected to be completed by 
the end of 2002. The process, involving the replacement of a total of 
around 116mn cards, offers the potential for a dramatic reduction in 
plastic card fraud and counterfeiting, according to the Association for 
Payment and Clearing Services (Apacs) . The combination of smart cards 
and public key infrastructure (PKI), with digital signatures for the 
authentication of identities, would do a great deal to reduce such crimes. 
The old-style magnetic strip cards can only be discontinued, however, when 
every point-of-sale terminal and ATM in the UK is converted to read the 
integrated computer chips of smart cards . Banks, which bear much of the 
financial burden of fraud, are assisting merchants with the costs of the 
changeover. 

COMPANY: APACS; ASSN FOR PAYMENT & CLEARING SERVICES 

PRODUCT: Debit Card Svcs (6020DC); Nonbank Credit Card Firms (6141); 

Smart Cards (3078SC); Consumer Finance Institutions (6140); 
EVENT: Sales & Consumption (65); National Government Economics (94); 

Workers by Type (56); 
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COUNTRY: United Kingdom (4 UK) ; 



13/5/4 (Item 2 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09149290 

Thailand's banks get their hands on some smart electronic money 

THAILAND: SMART CARD SYSTEM FROM MASTERCARD 
Bangkok Post (XBN) 25 Aug 1999 database p.l 
Language: ENGLISH 

MasterCard International forecast that by year 2000, consumers in Thailand 
will be using chip-based cards to store their credit, bank cards and other 
applications like digital signatures , electronic cash, and 

industry-specific loyalty programs. The firm was unveiling its Mondex ' 

smart 1 card system in the country and has already sold 3,000 such 
terminals to petrol stations, banks and supermarkets. A small 
microprocessor is located in Mondex cards, which can download electronic 
cash to the card using a standard ATM machine. MasterCard hopes that 
Thailand will be one of the early adopters of the Mondex 1 smart 1 card 

system. 



COMPANY: MASTERCARD INTL 



PRODUCT 
EVENT : 
COUNTRY 



Credit Card Services (6020CC); Nonbank Credit Card Firms (6141); 
Product Design & Development (33); Planning & Information (22); 
Thailand (9THA) ; 



13/5/5 (Item 3 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

06306752 

BACS signs up for smart cards 

UK: SMART CARD TECHNOLOGY FOR BACS 
Computer Weekly (CRW) 02 May 1996 p. 3 
Language: ENGLISH 

The adoption of cheque imaging (the network transfer of cheque images), 
object technology and increased use of the Internet, are technological 
developments under consideration at BACS <UK>. However, the UK bank 
.clearing house's first investment looks set to be the introduction of a 
PIN/encryption-based smart card in transaction management. The system 
would authorise Bacstel transactions by digital signature recognition 
and would take 11 months to develop. * 

COMPANY: BACS 

PRODUCT: Debit Card Svcs (6020DC); Nonbank Credit Card Firms (6141); 

Smart Cards (3078SC) ; Cash Dispensers/ATM Systems (3573CD) ; 

Electronic Banking Svcs (6005); Banking Institutions (6010); 
EVENT: Capital Expenditure (43); 
COUNTRY: United Kingdom (4UK); 



13/5/6 (Item 1 from file: 8) 
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(c) 2005 Elsevier Eng. Info. Inc. All rts. reserv. 



01913515 E.I. Monthly No: EIM8512-079798 

Title: SMART CARDS , DIGITAL SIGNATURES AND NEGOTIABLE DOCUMENTS. 
Author: Davies, D. W. 

Corporate Source: Natl Physical Lab, Teddington, Engl 

Conference Title: International Conference on Secure Communication 
Systems . 

Conference Location: London, Engl Conference Date: 19840222 

Sponsor: IEE, Electronics Div, London, Engl; IEE, Computing & Control 

Div, London, Engl; British Computer Soc, London, Engl; Inst of Acoustics, 

Edinburgh, Scotl; Inst of Physics, London, Engl 
E.I. Conference No.: 05466 

Source: IEE Conference Publication n 231. Publ by IEE, London, Engl p 1-4 

Publication Year: 1984 

CODEN: IECPB4 ISBN: 0-85296288-6 

Language: English 

Document Type: PA; (Conference Paper) 
Journal Announcement: 8512 

Abstract: In addition to cash, there are now many ways in which payments 
can be made. Those which are only partly automated and depend on paper 
documents such as check payments and credit card transactions, are 
expensive to operate and are being subjected to an increasing level of 
fraud. Consequently, the development of payment systems which are more 
secure and more fully automated has a high priority. One of these already 
exists in large numbers and is very successful namely the cash dispenser or 

automatic teller machine ( ATM ) with its plastic, magnetic striped 
card and personal identification number. Authentication of digital 
signatures , enciphering and deciphering functions, electronic checks, 
signature tokens for negotiable documents and other types of secret keying 
as a protection against theft are discussed. 

Descriptors: *DATA PROCESSING, BUSINESS--*Security of Data; DATA 
PROCESSING — Financial Applications 

Identifiers: PAYMENT SYSTEMS; AUTOMATIC TELLER MACHINE ; MAGNETIC 
STRIPED CARDS; SIGNATURE VERIFICATION SCHEME; SMART CARDS 

Classification Codes: 

723 (Computer Software) ; 911 (Industrial Economics) 

72 (COMPUTERS & DATA PROCESSING); 91 (ENGINEERING MANAGEMENT) 
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DIALOG (R) File 256 : Teclnf oSource 

(c) 2005 Info. Sources Inc. All rts. reserv. 



02601748 DOCUMENT TYPE: Company 

Cylink Corp (601748) 

3131 Jay St PO Box 54952 

Santa Clara, CA 95056-0952 United States 
TELEPHONE: (408) 855-6000 

TOLL FREE TELEPHONE NUMBER: (800) 533-3958 

FAX: (408) 855-6100 

HOMEPAGE: http: //www . cylink . com 

TICKER: NASDAQ : CYLK 

RECORD TYPE: Directory 



CONTACT: Sales Department 

ORGANIZATION TYPE: Corporation 
EQUITY TYPE: Public 
STATUS: Active 



Cylink Corporation (NASDAQ: CYLK) enables secure data transmissions over 
LANs, WANs, public packet switched networks (the Internet), ATM , and 
frame relay networks. A pioneer of industry-standard public key management 
technology, Cylink has been a leader in enterprisewide security since 1984. 
At the core of the firm's product design is the Secure Enterprise 
Architecture--S . E . A. Stack (TM) . This innovative architecture provides 
privacy, data integrity, authentication, access control, and nonrepudiation 
throughout a network. In 1990, Cylink introduced its AirLink product line 
of long-range digital, spread-spectrum microwave radio systems. Cylink is a 
single-source wireless communications provider. The company is 
headquartered in Northern California, with offices, distributors, and 
customer support worldwide. Its customers include Fortune 500 companies, 
multinational financial institutions, agribusiness, construction, and 
petrochemical firms, and numerous U.S. and international government, 
agencies . 

SALES : NA 

DATE FOUNDED: 1983 

PERSONNEL: Crowell, William P, Chief Executive Officer; Crowell, William P 
, President; Breeden, Phil, VP Engineering; Chillingworth, Christopher, 
Chief Financial Officer; Reilly, Pat, VP Sales; Reilly, Pat, VP 
Marketing; Walsh, Richard, VP Operations; Walsh, Richard, Chief 
Information Officer 

DESCRIPTORS: Computer Security; Digital Certificates ; Encryption; 
Internet Security; LANs; Wireless Networks 

REVISION DATE: 20020830 



18/5/2 (Item 2 from file: 256) 

DIALOG (R) File 256 : Teclnf oSource 

(c) 2005 Info. Sources Inc. All rts. reserv. 

001327 60 DOCUMENT TYPE: Review 

PRODUCT NAMES: SafeDebit (063347); 3-D Secure 1.0 (063355) 

TITLE: Smart-Card Technology May Have a Smarter Rival: NYCE plans to 
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use. . . 

AUTHOR: Mearian, Lucas 

SOURCE: Computerworld, v35 n31 pl9(l) Jul 30, 2001 
ISSN: 0010-4841 

HOMEPAGE : http : / /www . computerworld . com 

RECORD TYPE: Review 

REVIEW TYPE: Product Analysis 

GRADE: Product Analysis, No Rating 

NYCE Corporation's new software specification may streamline online payment 
processes. The new technology will compete directly with smart cards and 
will utilize ATM networks. Compared to smart cards, NYCE's technology is 
more affordable, and it does not require software installations. NYCE is 
offering its SafeDebit cards to 2, 300 financial institutions.' SafeDebit 
employs a miniature CD-ROM exchanges encrypted codes and passwords with 
online merchants. After clicking on a Web site's SafeDebit icon, consumers 
insert their Cd into their computer's drive and enter a personal 
identification number (PIN) . Transaction rights then are verified by a bank 
using the ATM network. However, SafeDebit works only for online 
transactions. Visa International also is promoting an online authentication 
technology called 3-D Secure 1.0. 

COMPANY NAME: NYCE Corp (710067); Visa International (640719) 
SPECIAL FEATURE: Photographs 

DESCRIPTORS : ATMs; Digital Certificates ; E-Banking; E-Payment • 
•REVISION DATE: 20020830 



18/5/3 (Item 3 from file: 256) 

DIALOG (R) File 256 : Teclnf oSource 

(c) 2005 Info. Sources Inc. All rts. reserv. 

00121145 DOCUMENT TYPE: Review 

PRODUCT NAMES: ASP (Application Service Providers) (841242) 

TITLE: ASP Attack: It'll Take All Your Wits to Pick the Right 
Application. . . 

AUTHOR: Pappalardo, Denise 

SOURCE: Network World, vl6 n39 p70(4) Sep 27, 1999 
ISSN: 0887-7661 

HOMEPAGE: http://www.nwfusion.com 

RECORD TYPE: Review 

REVIEW TYPE: Product Analysis 

GRADE: Product Analysis, No Rating 

Application service providers (ASPs) offer rentable applications to 
multiple business users from a shared data center over the Internet, or an 
ATM , frame relay, or private-line network. The applications are accessed 
by the client from a user's PC via a standard World Wide Web browser, a 
thin client, or an application-specific client. The advantages that an ASP 
will provide for a business are improving services, obtaining a strategic 
advantage, reducing risks by being able to move quickly with low capital 
investments, and reducing costs. Services are improved with increased 
bandwidth, and an ASP will hire all the necessary software experts, giving 
small to midsize companies the chance to use top-tier applications they 
otherwise could not consider. However, most ASPs are nonspecific about 
security, and at a minimum, if an ASP data center is accessed via the 
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Internet, there should be IPSec-compliant firewalls that can support up to 
128-bit key encryption, and some applications may even warrant the use of 
digital certificates . 

COMPANY NAME: Vendor Independent (999999) 
SPECIAL FEATURE: Tables 

DESCRIPTORS: ASP (Application Service Providers); Computer Security; Data 
Center Operations; Encryption; Network Administration; Network 
Management; Network Software; Thin Clients 

REVISION DATE: 20020630 



18/5/4 (Item 1 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09459760 

First bank adopts PKI standard 

UK: RBS TO USE DIGITAL CERTIFICATE STANDARD 
Computer Weekly (CRW) 01 Feb 2001 p. 3 
Language: ENGLISH 

The Royal Bank of Scotland (RBS) will use the Identrus online digital 

certificate standard for firms which lease cars, making it the first bank 
to use Identrus. This will enable trading partners to exchange certificates 
on the Internet. According to a senior consultant from Ovum, information 
technology analyst, Graham Titterington, Identrus is unique worldwide and 
its use constitutes a major step forward for business-to-business 
electronic commerce. Titterington believes that other banks are likely to 
follow the RBS lead. 



COMPANY: ROYAL BANK OF SCOTLAND 

Cash Dispensers/ ATM Systems (3573CD); Electronic Banking Svcs ( 



PRODUCT: 
6005) ; 
EVENT : 
COUNTRY: 



General Management Services (26); 
United Kingdom (4 UK) ; 



18/5/5 (Item 2 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09135352 

CCS offers mobile banking 

MALAYSIA: MOBILE BANKING BY CCS 
New Straits Times (XAS) 22 Jul 1999 Computimes p. 12 
Language : ENGLISH 

Malaysian markets may soon enjoy mobile banking. This is a service whereby 
the replication of an automated teller machine ( ATM ) is made on to the 
handphone. The company introducing the service to the Malaysian market is 
Chipcard & Communication Systems Sdn Bhd (CCS) from Malaysia. Now, 
handphone users are able to access mobile phone banking wherever they are. 
The' service would need a link up between a telecommunications company and a 
bank. CCS will sell a server to the telecommunication company which costs 
some RM 200,000 and above while the bank would need implementation of some 
4 to six months before the system can get on-line. 

COMPANY: CHIPCARD & COMMUNICATION SYSTEMS 
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PRODUCT: Banking Institutions (6010); Cellular Radio Services (4811CR); 
EVENT: Product Design & Development (33); 
COUNTRY: Malaysia (9MAO); 



18/5/6 (Item 3 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09084779 

JETCO to serve as certificate authority 

HONG KONG: NEW CA POSITION FOR JETCO 
Computerworld HK (XDP) 11 Mar 1999 Cyber World, p. 1 
Language: ENGLISH 

A new certificate authority (CA) position will be adopted by Joint 
Electronic Teller Services Ltd (JETCO) in Hong Kong, where JETCO will 
assist all retail banks to connect to the Internet era. By taking up the 
role as a CA, JETCO will offer digital certificates for Internet 
transactions to its 4 9 member banks. In addition, JETCO will deliver an 

ATM service to non-Internet member banks who can then perform basic 
banking transactions on the Web. A CA serves as a trusted third party to 
certify electronic transaction identities via the digital certificates 

issue . 

COMPANY: INTERNET; JETCO; JOINT ELECTRONIC TELLER SERVICES 

PRODUCT: Electronic Point of Sale Systems (3573EP) ; Electronic Banking 
Svcs (6005); Computer & Data Security Software (7372CD) ; Computer Services 

(7370); Database Vendors (7375); 
EVENT: National Government Economics (94); 
COUNTRY: Hong Kong (9HON); 



18/5/7 (Item 4 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09070551 

internet banking just a step away 

HONG KONG: INTERNET BANKING TO BE AVAILABLE 
The HongKong Standard (XKR) 06 Mar 1999 p.b3 
Language: ENGLISH 

Joint Electronic Teller Services Co. (Jetco) has signed an agreement with 
Hewlett-Packard and GTE for setting up Internet Certification Authority 
(CA) in Hong Kong. Jetco can issue digital certificates to its 4 9 
member banks for offering secured and confidential Internet-based banking 
transaction services to clients. 

COMPANY: GTE; HEWLETT-PACKARD; JOINT ELECTRONIC TELLER SERVICES 

PRODUCT: Cash Dispensers/ ATM Systems (3573CD); Electronic Banking Svcs ( 
6005); Banking Institutions (6010); Communications Eqp ex Tel (3662); 
EVENT: National Government Economics (94); Company Formation (14); 
COUNTRY: Hong Kong (9HON); 
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(c) 2002 The Gale Group. All rts. reserv. 



09067078 

Meps Plans RM350M11 Expansion Of Services 

MALAYSIA: MEPS STEPS UP EFFORTS FOR NEW SERVICES 
The Star (XAT) 27 Feb 1999 Business p.l 
Language: ENGLISH 

In a bid to cover a more comprehensive spectrum of electronic banking 
applications, the country's leading operator of automated teller machine ( 
ATM ) , Malaysian Electronic Payment System Sdn Bhd (Meps) is planning to 
widen its range of services. For its proposed expansion of services, Meps 
will earmark over RM 350 mn. Among the range of new services planned are 
cyber banking, inter-bank Giro, electronic commerce (e-commerce), 
electronic data interchange payment and Meps cash electronic purse 
(e-purse), said Mohammad B Abdullah, Meps chairman on 26 February 1999. To 
facilitate its various credit and debit applications, Meps will soon 
install new state-of-the-art card acceptance and ATMs devices with 
capability in managing chipcards . A commercial pilot project for its 
e-purse application featuring 21,000 'reloadable' cards, has also been 
planned by Meps in Bangsar Baru. The ATM operator's immediate objective 
is to boost usage and availability of its e-purse service. 
COMPANY: MEPS; MALAYSIAN ELECTRONIC PAYMENT SYSTEM 

PRODUCT: Electronic Point of Sale Systems (3573EP) ; Electronic Banking 
Svcs (6005); 

EVENT: Product Design & Development (33); Capital Expenditure (43); 
COUNTRY: Malaysia (9MAO); 

18/5/9 (Item 6 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09028566 

TNC launches smartcard reader 

SINGAPORE: NEW MERZ CR SMART CARD READER BY TNC 
Computerworld (XCK) 22 Oct 1998 p. 14 
Language : ENGLISH 

The new Merz CR smart card reader has been launched by. The Networking 
Company (TNC) in Singapore, at a cost of S$ 59. The reader conducts Netrust 
Digital Certificate reading/accessing from a smart card to verify 

parties involved in an electronic dealing. In addition, it is a CashCard 
for Open Network E-commerce (C-One) compliant cash card reader for Internet 
payment and e-commerce module. Merz CR smart card comes with the following 
features: - user-friendly Windows software to view, sort and print ATM 
/cash smart card transactions - serial port (R232) for connecting card 
reader 

COMPANY: INTERNET; TNC; THE NETWORKING COMPANY 

EVENT: Product Design & Development (33); 
COUNTRY: Singapore (9SIN); 



18/5/10 (Item 7 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

06516366 
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Siemens machines herlad future of self-service banking 

ASIA: SIEMENS DISPLAYS RETAIL BANKING PRODUCTS 
Business Times (XBA) 08 Sep 1997 P. 14 
Language: ENGLISH 

At its Asia-Pacific Self-Service Conference, Siemens Nixdorf displayed its 
Cash Recycling System, which handles deposits (no over 400 banknotes at a 
time), withdrawals and foreign currency exchange and credits the amount 
immediately, making the notes to be available for withdrawals to minimise 
cash stock and refills and eliminate cash post-processing and at the 
display was a cash deposit machine being used by United Overseas Bank in 
Singapore, where demand for the machine might be high given limited 
manpower and office space in the nation. FaceLine ATMs/ which take a 
photograph of the depositor and then verify the person's identity to allow 
the legal owner of the ATM card to use the services, would recognise 
users ' face using biometric technology but PIN numbers will not be done 
away. The German maker also showed a pocket balance reader that shows the 
balance and the last amounts debited and credited via the liquid crystal 
display) when a chipcard is inserted into the reader in addition to the 
function of being able to read the balance value in a telephone card which 
works on chipcard technology. 

COMPANY: UNITED OVERSEAS BANK; SIEMENS NIXDORF 



PRODUCT: Cash Dispensers/ ATM Systems (3573CD) ; Electronic Banking Svcs ( 
6005); 

EVENT: Product Design & Development (33); 

COUNTRY: Southeast Asia (92T); Germany (4GER); Eastern Asia (92E); 



18/5/11 (Item 8 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

06028002 

Telekom und IBM entwickeln Chip fuer Kreditwesen 

GERMANY: CHIP FOR EC AND BANK CARDS 
Computerwoche (CWE) 29 Jul 1994 p. 17 
Language : GERMAN 



ZKA, a co-operation of associations of banks in Germany, agreed on a 
concept of a multi functional chipcard for payments. GAD Gesellschaft 
fuer automatische Datenverarbeitung, Telekom and IBM developed the 
chipcard , which will be used for 50mn EC and bank cards as from 1995. 

COMPANY: TELEKOM; IBM; GAD GESELLSCHAFT FUR AUTOMATISCHE DATENVERARBEIT 

PRODUCT: Commercial Banks (6020); Consumer Finance Institutions (6140); 

Nonbank Credit Card Firms (6141); Cash Dispensers/ ATM Systems (3573CD 
); Electronic Banking Svcs (6005); Semiconductor Devices (3674); 
EVENT: Company Formation (14); Market & Industry News (60); 
COUNTRY: Germany (4GER) ; 



18/5/12 (Item 1 from file: 94)0 

DIALOG (R) File 94 : JICST-EPIus 

(c)2005 Japan Science and Tech Corp(JST). All rts. reserv. 

04185260 JICST ACCESSION NUMBER: 99A0472480 FILE SEGMENT: JICST-E 
Large-scale multimedia LAN system with user interfaces for home electronic 
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appliances . 

TAN YASUO (1); NOMURA TAKASHI (2); TAMORI HIROFUMI (2) 

(1) Japan Advanced Inst. Sci . and Technol . , Hokuriku; (2) Soni It ken 

Joho Shori Gakkai Shinpojiumu Ronbunshu, 1999, VOL. 99, NO. 4, PAGE. 31-32, 

FIG. 2, REF.5 
JOURNAL NUMBER: Y0978BAT ISSN NO: 1344-0640 
UNIVERSAL DECIMAL CLASSIFICATION: 681.3:654 
LANGUAGE: Japanese COUNTRY OF PUBLICATION: Japan 

DOCUMENT TYPE: Conference Proceeding 
ARTICLE TYPE: Short Communication 
MEDIA TYPE: Printed Publication 

DESCRIPTORS: LAN; multi-media; ATM network; interconnection; protocol; 
interface; organization standard; IEEE; university; campus; picture 
signal 

IDENTIFIERS: video signal 

BROADER DESCRIPTORS: computer network; communication network; information 
network; network; information media; connection; rule; 
standard (specif ication) ; standard; institute; school; signal 

CLASSIFICATION CODE (S) : JC03000K 
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22/5/1 (Item 1 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2005 Institution of Electrical Engineers. All rts. reserv. 
5638391 

Title: The "super ATM " comes of age 

Author (s) : O'Sullivan, 0. 

Journal: ABA Banking Journal vol.89, no. 5 p. 72, 74 

Publisher: Simmons-Boardman Publishing for American Bankers Assoc, 

Publication Date: May 1997 Country of Publication: USA 

CODEN: ABAJD5 ISSN: 0194-5947 

SICI: 0194-5947 ( 199705 ) 89 : 5L. 72 :TC; 1-R 

Material Identity Number: B557-97006 

Language: English Document Type: Journal Paper (JP) 
Treatment: Economic aspects (E) ; Practical (P) 

Abstract: Docunet Inc., which provides the "super ATMs 11 now at 100 
Baltimore sites, is working to make virtual ticketing a nationwide reality. 
The San Francisco firm provides the system integration allowing vendors to 
distribute their wares through banks 1 ATM networks. MasterCard announced 
that issuers in its Cirrus ATM network must be capable of handling stamp 
dispensing, by year-end, and other non-traditional dispensing later. Visa's 
participation in super ATMs includes a plan to have the next generation of 
Docunet terminals dispense Visa Travel Cash smart cards, which authorize 
travellers 1 foreign currency withdrawals. Docunet dispenses all the 
non-traditional ATM items some others have dispensed individually, stamps 
or entertainment tickets, for instance. Dedicated Olivetti dispensers are 
used in the Baltimore application, but Docunet is working with Diebold , 

Inc . to marry non-traditional dispensing with full, traditional ATM 

functions on existing hardware. (0 Refs) 
Subfile: D 

Descriptors: automatic teller machines ; entertainment; MasterCard; 
Visa 

Identifiers: super ATM ; Docunet; virtual ticketing; ATM network; 
MasterCard; Visa; foreign currency withdrawals; Diebold; Olivetti 

Class Codes: D2050E (Banking); D2090 (Leisure industry, travel and 
transport ) 

Copyright 1997, IEE 



22/5/2 (Item 2 from file: 2) 

DIALOG (R) File 2: INSPEC 

(c) 2005 Institution of Electrical Engineers. All rts. reserv. 
4894314 

Title: Mandates push bank use of CCTV tech 

Journal: Security vol.32, no.l p. 29 

Publication Date: Jan. 1995 Country of Publication: USA 

CODEN: SECUEU ISSN: 0890-8826 

Language: English Document Type: Journal Paper (JP) 
Treatment: Practical (P) 

Abstract: Spending on CCTV equipment by U.S. financial institutions is up 
30 percent from 1992 to 1993, and an additional 50 percent growth is 
expected in 1994. According to a poll by Diebold , Inc . Canton, Ohio, 
CCTV is hot in the ever-changing banking business. Other industry trends: 
acceleration of consolidations and mergers; a reduction in branches but 
renovations in those that remain; cost containment; an increase in 
automated teller machine use; and the glimmer of electronic banking. Couple 
those trends with the constant threat of crime and fraud, and it ! s obvious, 
say the experts, that financial institutions must find new ways of 
improving security in branches, offices and ATM locations. (0 Refs) 
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Subfile: D 

Descriptors: banking; closed circuit television; equipment selection; 
fraud; security 

Identifiers: CCTV equipment; bank; U.S. financial institutions; poll; 
banking industry trends; consolidations; mergers; branches; cost 
containment; automated teller machine; electronic banking; crime; fraud; 
security; offices; wireless transmission system; ATM locations 

Class Codes: D3035 (Monitoring and alarm systems); D3050 (Video systems 
); D2050E (Banking) 

Copyright 1995, IEE 



22/5/3 (Item 3 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2005 Institution of Electrical Engineers. All rts . reserv. 
04356449 

Title: ID, access card does the wash! 

Journal: Security vol.29, no. 13 p. 35 

Publication Date: Dec. 1992 Country of Publication: USA 

CODEN: SECUEU ISSN: 0890-8826 

Language: English Document Type: Journal Paper (JP) 
Treatment: General, Review (G) 

Abstract: An identification card can do the wash at Oklahoma State 
University (OSU) in Stillwater, OSU f s unique project aims to give 
multi-function ID cards to 22000 students, faculty and staff, who will use 
them for access to athletic events, the recreational center, the wellness 
center and computer labs. The card will pay for on-campus meals, buy snacks 
from vending machines, open locked residential hall doors and pay for 
laundry use. Also planned is access to on-campus ATMs and parking control. 
Driving the ID card is a comprehensive Integrated Campus Access Management 
(ICAM) system from Diebold , Inc . that covers the 76-building, 840-acre 
campus. The system uses a single database of shared information. (0 Refs) 

Subfile: D 

Descriptors: access control; debit transactions; education; plastic cards 
Identifiers: on-campus ATM ; access card; identification card; Oklahoma 

State University; Stillwater; parking control 

Class Codes: D2030 (Education and training); D2050E " (Banking) ; D3035 ( 

Monitoring and alarm systems) 

22/5/4 (Item 4 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2005 Institution of Electrical Engineers. All rts. reserv. 

03163375 INSPEC Abstract Number: D88001946 
Title: Commitment, cooperation keys to direct debit POS success 

Author(s-): Salzmann, E.J. 

Journal: Bank Administration vol.64, no. 4 p. 32-4 
Publication Date: April 1988 Country of Publication: USA 
CODEN: BAADEQ ISSN: 0024-9823 

Language: English Document Type: Journal Paper (JP) 
Treatment: General, Review (G) ; Practical (P) 

Abstract: Merchant National Bank & Inst. has thrown in with Marsh 
Supermarkets and Diebold Inc ., to challenge the naysayers in a 

cooperative POS venture. Marsh now offers its customers POS capability at 
three central Indiana stores and, following an encouraging pilot program, 
is planning to add debit card capability at 10 more stores. Shoppers can 
run Merchants ATM cards through a Diebold 1042 card reader, enter 
personal identification numbers and receive authorization for the purchase 
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amount. So far, only Marsh customers with Merchants cards can use the 
system, which needs to be extended to all customers to become successful. 
(0 Refs) 

Subfile: D 

Descriptors: point of sale systems 

Identifiers: direct debit POS; Merchant National Bank & Inst.; Marsh 
Supermarkets; cooperative; Diebold 104 2 card reader 

Class Codes: D2050E (Banking); D2140 (Marketing, retailing and 
distribution) 



22/5/5 (Item 5 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2005 Institution of Electrical Engineers. All rts. reserv. 

02254198 INSPEC Abstract Number: C84027032, D84001198 
Title: Microprocessor-based system supports ATM POS transactions 

Journal: Bank Systems & Equipment vol.21, no. 2 p. 90 
Publication Date: Feb. 1984 Country of Publication: USA 
CODEN: BSEQD6 ISSN: 0146-0900 

Language: English Document Type: Journal Paper (JP) 
Treatment: General, Review (G) ; Practical (P) 

Abstract: A state-of-the-art, microprocessor family of systems for 
transaction processing and multiple concurrent application support has been 
introduced by Diebold Inc . The Diebold 1000 is designed to give maximum 
single-application performance . and the capability to support multiple 
applications concurrently. The Diebold 1000 is based on the Intel 80286 
microprocessor technology. The microcomputer system . incorporates two 
microprocessors, a main and a communications processor. This dual-processor 
system divides the load between applications processing and data 
communications processing, improving the overall performance of the system 
and minimizing transaction time. The 5/sup l///sub 4/-inch floppy disk 
drives and 10 MB Winchester hard disk drives are available to provide data 
and program storage. (0 Refs) 

Subfile: C D 

Descriptors: EFTS; point of sale systems 

Identifiers: microprocessor-based system; data storage point of sale 
systems; automated teller machines; POS transactions; transaction 
processing; multiple concurrent application support; Diebold Inc . ; 
Diebold 1000; Intel 80286 microprocessor technology; microcomputer system; 
communications processor; dual-processor system; transaction time; floppy 
disk drives; Winchester hard disk drives; program storage 

Class Codes: C7120 (Finance); D2050E (Banking) 



22/5/6 (Item 1 from file: 583) 

DIALOG (R) File 583 :Gale' Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09491893 

Aumenta Banamex numero de cajeros 

MEXICO: BANAMEX TO INCREASE ATM NETWORK 
Reforma (Mexico) (UAT) 23 Mar 2001 online 
Language: SPANISH 

Banamex will increase its ATM network in Mexico by 1,000 to get to 3,900 
units countrywide by the end of 2001. So far Banamex has bought 500 of 
these machines from Diebold Incorporated , the rest are in the process 
of deciding the supplier. Within four months the bank will offer new value 
added services through its ATM network such as airtime for mobile phone 
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operators. Besides, Banamex is going to increase the withdrawal limit per 
day, which nowadays is MP 3,000. * 

COMPANY: DIEBOLD INCORPORATED ; BANAMEX 

PRODUCT: Retail Banking Services (6006); Clearing Banks (6010CB); 

Commercial Banks (6020); Electronic Point of Sale Systems (3573EP) ; 

Electronic Banking Svcs (6005); 
EVENT: Capital Expenditure (43); Use of Materials & Supplies (46); 

Contracts & Orders (61); 
COUNTRY: Mexico (3MEX) ; 



22/5/7 (Item 2 from .file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09186814 - 

Diebold unveils new range of retail banking solutions 

INDIA: NEW BANKING SOLUTION BY DIEBOLD 
Times of India (TSI) 24 Jun 1999 p. 17 
Language: ENGLISH 

In an alliance with its joint venture Diebold HMA (India), US-based 
automated teller machine ( ATM " ) manufacturer, Diebold Inc , has 
launched a new range of retail banking solutions in India. The new banking 
technology solution will be cost-effective which will serve ■ the 
self-service terminal and ATM industry in India. 



COMPANY: DIEBOLD; DIEBOLD HMA 

EVENT: Product Design & Development (33) 
COUNTRY: India (9IND); 



22/5/8 (Item 3 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09119963 

Diebold introduces America's first iris recognition ATM 

MALDIVES: DMS INSTALLS ATMS FOR BANK OF MALDIVES 
Daily News (XBI) 31 May 1999 
Language : ENGLISH 

Data Management Systems Ltd (DMS) of Sri Lanka will be installing several 
automated teller machines (ATMs) in a few branches of Bank of Maldives. DMS 
.is the distributor of Diebold Inc ' s (US) ATM . 

COMPANY: BANK OF MALDIVES; DMS; DATA MANAGEMENT SYSTEMS; DIEBOLD 

PRODUCT: Electronic Point of Sale Systems (3573EP) ; Electronic Banking 
Svcs (6005); 

EVENT: Capital Expenditure (43); Use of Materials & Supplies (46); 

Contracts & Orders (61); 
COUNTRY: Maldive Islands (9MLD); Sri Lanka (9SRI); 



22/5/9 (Item 4 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 
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09109911 

Prime Systems Distributes For Diebold 

PHILIPPINES: DIEBOLD APPOINTS NEW DISTRIBUTOR 
Channel Asia (AHT ) Apr 1999 p. 16 
Language: ENGLISH 

Diebold Inc , a provider of integrated security solutions and automated 
teller machines, has appointed Prime Systems Plus Inc as its new 
Philippines distributor. Under the agreement, Prime Systems Plus will 
undertake the delivery of client marketing and support services to Diebold. 

COMPANY: PRIME SYSTEMS PLUS; DIEBOLD 

PRODUCT: Cash Dispensers/ ATM , Systems (3573CD) ; Electronic Banking Svcs ( 

6005); Computer & Data Security Software (7372CD) ; 

EVENT: Company Formation (14); Marketing Procedures (24); 

COUNTRY: Philippines (9PHI); 



22/5/10 (Item 5 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

09062184 

Diebold Inc to establish a new subsidiary inThailand 
THAILAND: NEW SUBSIDIARY OF DIEBOLD 
Bangkok Post (XBN) 17 Feb 1999 database p.l 
Language: ENGLISH 

World leader in offering integrated delivery systems and services, Diebold 
Inc , will be setting up a subsidiary in Thailand. Named Diebold 
Thailand, the unit will have Mr Verapun Patayanindee as the managing 
director. For more than ten years, banks in Thailand have used the 
automated teller machines of Diebold. Customers in Thailand will be 
provided with service and sales support from Diebold Thailand. 

COMPANY: DIEBOLD THAILAND; DIEBOLD 

PRODUCT: Cash Dispensers/ ATM Systems (3573CD) ; Electronic Banking Svcs ( 
6005); Machinery ex Electric (3500); 
EVENT: Plant /Facilities/Equipment (44) ; 
COUNTRY: Thailand (9THA); 



22/5/11 (Item 6 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

06578928 

Diebold Launches Voice-Recognition ATMs 

WORLD: NEW OPTIMUM ATM LAUNCHED BY DIEBOLD 
IT Times (XDM) 20 Jan 1998 P. 28 
Language: ENGLISH 

The new OPTimum ATM (automated teller machine) has been launched by 
Diebold Inc globally. The OPTimum ATM integrates face-reading and 

voice-print biometrics technology. The OPTimum ATM is developed by 
Diebold, Keyware Technologies and Visionics Corp. The ATM operates 
Windows NT software platform and supports Microsoft Windows DNA 
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(Distributed iNternet Architecture) for Financial Services. When someone 
steps into the ATM , an ATM camera captures the user's image and a 
special Visionics Facelt software offers automatic facial detection, 
location, tracking and identification. The person then says a password into 
the ATM f s microphone. KeyWare's Voice Guardian technology will then match 
the user's voice against a recorded voiceprint kept in a database. Upon 
successful verification, the user is granted his/her account access. The 
ATM does not require any personal identification numbers (PIN) to key or 
any passwords to enter. 

COMPANY: MICROSOFT; VISIONICS; KEYWARE TECHNOLOGIES; DIEBOLD 

PRODUCT: Cash Dispensers/ ATM Systems (3573CD); Electronic Banking Svcs ( 
6005) ; 

EVENT: Product Design & Development (33); Company Formation (14); 

COUNTRY: General Worldwide (0W) ; 

22/5/12 (Item 7 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

06235307 

Diebold to raise share in Indian ATM market 

INDIA: POTENTIAL DEMAND OF ATMS 
Financial Express (XAG) 14 Nov 1995 P. 3 
Language: ENGLISH 

Diebold Incorporated of the USA estimated that the potential users of 

ATMs in India are approximately 180 to 200 mn. In view of that, Diebold is 
going to spend RS 16 crore for acquiring 50% stake in HMA Datasystems as 
part of its efforts to increase its ATM production capacity in India. 

COMPANY: HMA DATASYSTEMS; DIEBOLD 

PRODUCT: Electronic Point of Sale Systems (3573EP) ; Electronic Banking 
Svcs (6005); Electronic Financial Services Sys (3573EF) ; Financial Services 

Software (7372FI); 
EVENT: Market & Industry News (60); Sales & Consumption (65); 

Plant /Facilities/Equipment (44); Company Acquisitions (16); 
COUNTRY: India (9IND); United States (1USA); 

22/5/13 (Item 8 from file: 583) 

DIALOG (R) File 583: Gale Group Globalbase (TM) 
(c) 2002 The Gale Group. All rts. reserv. 

05390106 

Diebold Inc saw third quarter 
US - DIEBOLD REPORTS THIRD QUARTER PROFIT UP 18% 
Computergram International (CGI) 20 October 1992 pi 
ISSN: 0268-716X 

Diebold saw third quarter net up 18.4% at USDlrll mil, on turnover up 5.2% 
at USDlrl33.2 mil; net profit for the nine months was down 56.5% at 
USDlr9.2 mil, after USDlrl6.8 charges due to the cumulative effect of an 
accounting change, on turnover that rose 7.9% to USDlr389.5 mil. Net 
earnings per share rose 17.1% to USDlr0.82 in the quarter, fell 56.9% to 
USDlr0.69 in the nine months.* 

COMPANY: DIEBOLD 
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PRODUCT: Cash Dispensers/ ATM Systems (3573CD) ; 
EVENT: COMPANY REPORTS & ACCOUNTS - QUARTERLY (83); 

COUNTRY: United States (1USA); NATO Countries (420); South East Asia 
Treaty Organisation (913); 



22/5/14 (Item 1 from file: 474) 

DIALOG.(R) File 474: New York Times Abs 

(c) 2005 The New York Times. All rts. reserv. 

07720475 NYT Sequence Number: 134171991026 
DIE BOLD TO BUY BRAZILIAN A.T.M. MAKER 

Dow Jones 

New York Times, Col. 1, Pg. 4, Sec. C 
Tuesday October 26 1999 

DOCUMENT TYPE: Newspaper JOURNAL CODE: NYT LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Automated teller machine manufacturer Diebold Inc acquires Procomp 
Amazonia Industria Electronica SA, Brazilian maker of ATM 's, for $225 
million in cash and stock (S) 

COMPANY NAMES: Procomp Amazonia Industria Electronica SA; Diebold Inc 
DESCRIPTORS: Mergers, Acquisitions and Divestitures 



22/5/15 (Item 2 from file: 474) 

DIALOG (R) File 474: New York Times Abs 

(c) 2005 The New York Times. All rts. reserv. 

06009469 NYT Sequence Number: 588342910903 
JOB FOR I.B.M. ; DIEBOLD IN DEAL 

Reuters 

New York Times, Col. 6, Pg. 5, Sec. D 
Tuesday September 3 1991 

DOCUMENT TYPE: Newspaper JOURNAL CODE: NYT LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

International Business Machines Corp wins contract to provide computers 
and automated bank teller machines for Bank Slaski of Poland; Daimler-Benz 
AG says one of its units acquired majority stake in European operations of 
Diebold Inc (S) 

COMPANY NAMES: BANK SLASKI (POLAND); INTERNATIONAL BUSINESS MACHINES CORP 

(IBM); DAIMLER-BENZ AG; DIEBOLD INC 
DESCRIPTORS:- DATA PROCESSING (COMPUTERS); AUTOMATIC TELLER MACHINES 

( ATM ) ; BANKS AND BANKING 
GEOGRAPHIC NAMES: POLAND 



22/5/16 (Item 3 from file: 474) 

DIALOG (R) File 474: New York Times Abs 

(c) 2005 The New York Times. All rts. reserv. 

05813532 NYT Sequence Number: 000000900915 
COMPANY BRIEFS 

New York Times, Col. 1, Pg. 33, Sec. 1 
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Saturday September 15 1990 

DOCUMENT TYPE: Newspaper JOURNAL CODE: NYT LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Diebold Inc and International Business Machines Corp says it has 
formed Interbold, joint venture that will provide automated teller machines 
and financial self-service systems worldwide (S) 

COMPANY NAMES: INTERBOLD; DIEBOLD INC ; INTERNATIONAL BUSINESS MACHINES 
CORP (IBM) 

DESCRIPTORS: JOINT VENTURES AND CONSORTIUMS; AUTOMATIC TELLER 
MACHINES ( ATM ) 



22/5/17 (Item 4 from file: 474) 

DIALOG (R) File 474:New York Times Abs 

(c) 2005 The New York Times. All rts. reserv. 

05797928 NYT Sequence Number: 210782900713 
I. B. M. , -DIEBOLD JOINT VENTURE 
New York Times, Col. 3, Pg. 4, Sec. D 
Friday July 13 1990 

DOCUMENT TYPE: Newspaper JOURNAL CODE: NYT LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

International Business Machines Corp and Diebold Inc to combine 
their automated teller machine operations and develop and market new and 
existing products worldwide under a joint venture (S) 

COMPANY NAMES: INTERNATIONAL BUSINESS MACHINES CORP (IBM); DIEBOLD INC 
DESCRIPTORS: AUTOMATIC TELLER MACHINES ; JOINT VENTURES AND 
CONSORTIUMS 



22/5/18 (Item 5 from file: 474) 

DIALOG (R) File 474: New York Times Abs 

(c) 2005 The New York Times. All rts. reserv. 

01195631 NYT Sequence Number: 081312820908 

(NV Philips (Netherlands) subsidiary agrees to market Diebold Inc 

automatic teller machines worldwide (S) . ) 
New York Times, Col. 6, Pg. 8, Sec. 4 
Wednesday September 8 1982 

DOCUMENT TYPE: Newspaper JOURNAL CODE: NYT LANGUAGE: English 
RECORD TYPE: Abstract 

COMPANY NAMES: PHILIPS GLOEILAMPENFABRIEKEN NV (PHILIPS LAMP CO); DIEBOLD 
INC 

DESCRIPTORS: ELECTRONICS; INTERNATIONAL TRADE AND WORLD MARKET; CUSTOMER 
BANK COMMUNICATION TERMINALS ; FRANCHISES AND LICENSING AGREEMENTS; 
MACHINERY AND EQUIPMENT 

GEOGRAPHIC NAMES: NETHERLANDS 



22/5/19 (Item 1 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 
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08072762 NYT Sequence Number: 000000000829 
ENTERPRISE 

TANNENBAUM, JEFFREY A 

Wall Street Journal, Col. 3, Pg. 2, Sec. B 
Tuesday August 29 2000 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Enterprise column reports Diebold Inc 1 s D-CASH marketing program 
offers cash machines to merchants under five-year franchise program, 
reducing merchants 1 break-even point on machines to 150 transactions per 
month from 4 00 (M) 

COMPANY NAMES: DIEBOLD INC 

DESCRIPTORS: AUTOMATIC TELLER MACHINES 

PERSONAL NAMES : TANNENBAUM, JEFFREY A 



22/5/20 (Item 2 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

08021444 NYT Sequence Number: 000000990512 

BANK UNITED SAYS: DON'T FIRE (CASH) UNTIL YOU SEE THE COLORS OF THEIR EYES 
BROOKS, RICK 

Wall Street Journal, Col. 3, Pg. 2, Sec. B 
Wednesday May 12 1999 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT : 

Bank United Corp, hoping to attract customers drawn to new technology, 
will install the nation's first automated teller machines that can identify 
customers by looking at their eyes; the machines, manufactured by Diebold 

Inc , use a camera system developed by Sensar Inc to photograph the 
customer's iris and compare it with an image already on file at the bank 
(M) 

COMPANY NAMES: BANK UNITED CORP; DIEBOLD INC ; SENSAR INC 
DESCRIPTORS: BANKS AND BANKING; AUTOMATIC TELLER MACHINES ( ATM ); 

IDENTIFICATION DEVICES 
PERSONAL NAMES: BROOKS, RICK 



22/5/21 (Item 3 from file: 475) 

DIALOG (R).File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

07944794 NYT Sequence Number: 000000970630 
INTERNATIONAL BUSINESS MACHINES CORP 

Wall Street Journal, Col. 3, Pg. 11, Sec. A 
Monday June 30 1997 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Interbold, joint venture of Diebold Inc and IBM, will discontinue 
marketing and distribution agreement with IBM that gave IBM exclusive 
rights to distribute its automated teller machines in many areas outside US 
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(S) 

COMPANY NAMES: Interbold (Co); Diebold Inc ; INTERNATIONAL BUSINESS 
MACHINES CORP 

DESCRIPTORS: Automatic Teller Machines { Atm ) 



22/5/22 (Item 4 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

06531908 
WHO'S NEWS 

Wall Street Journal, Col. 5, Pg. 2, Sec. B 
Monday August 2 1993. 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Diebold Inc names Alben W Warf as vice president and general 
manager of InterBold, its automatic teller machine and self service 
systems joint venture with IBM succeeding Gregg A Searle who was promoted 
to executive vice president (M) 

COMPANY NAMES: DIEBOLD INC ; INTERBOLD; INTERNATIONAL BUSINESS MACHINES 
CORP (IBM) 

DESCRIPTORS: JOINT VENTURES AND CONSORTIUMS; APPOINTMENTS AND EXECUTIVE 

CHANGES; BIOGRAPHICAL INFORMATION 
PERSONAL NAMES: WARF, ALBEN W; SEARLE, GREGG A 



22/5/23 (Item 5 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

06528319 
BUSINESS BRIEFS 

Wall Street Journal, Col. 6, Pg. 4, Sec. B 
Thursday October 28 1993 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Diebold Inc says it agreed to acquire 50% of OLTP ATM Systems CA 
of Caracas (Venezuela) ; terms undisclosed (M) 

COMPANY NAMES: DIEBOLD INC ; OLTP ATM SYSTEMS CA 

DESCRIPTORS: MERGERS, ACQUISITIONS AND DIVESTITURES; AUTOMATIC TELLER 

MACHINES ( ATM ) 
GEOGRAPHIC NAMES: VENEZUELA 



22/5/24 (Item 6 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

06516976 

DIEBOLD FORMS CHINESE VENTURE 

Wall Street Journal, Col. 5, Pg. 5, Sec. A 
Thursday May 27 1993 
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DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT : 

Diebold Inc , a maker of automated teller machines and security 
products, says it formed a joint venture to make ATMs in China; terms are 
not disclosed (S) 

COMPANY NAMES: DIEBOLD INC 

DESCRIPTORS: JOINT VENTURES AND CONSORTIUMS; FOREIGN INVESTMENTS; 

AUTOMATIC TELLER MACHINES ( ATM ) 
GEOGRAPHIC NAMES: CHINA 



22/5/25 (Item 7 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts . reserv. 

06263145 
BUSINESS BRIEFS 

Wall Street Journal, Col. 6, Pg. 8, Sec. B 
Monday April 27 1992 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT : 

Interbold, joint venture of Diebold Inc and International Business 
Machines Corp, gets BankAmerica order for 1,523 automated tellers (S) 

COMPANY NAMES: DIEBOLD' INC ; INTERBOLD; INTERNATIONAL BUSINESS MACHINES 

CORP (IBM); BANKAMERICA CORP 
DESCRIPTORS: AUTOMATIC TELLER MACHINES ( ATM ) 



22/5/26 (Item 8 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

05774086 

CORRECTIONS & AMPLIFICATIONS 

Wall Street Journal, Col. 1, Pg. 8, Sec. A 
Wednesday September 19 1990 

DOCUMENT TYPE: Newspaper JOURNAL CODE: WSJ LANGUAGE: English 
RECORD TYPE: Abstract 

ABSTRACT: 

Diebold Inc and IBM says their joint venture to make and sell 
automatic teller machines will begin operations immediately; starting 
date of new company was incorrectly stated in Sept 14 editions (S) 

COMPANY NAMES: DIEBOLD INC ; INTERNATIONAL BUSINESS MACHINES CORP (IBM) 
DESCRIPTORS: CORRECTION STORIES; AUTOMATIC TELLER MACHINES ( ATM ) 



22/5/27 (Item 9 from file: 475) 

DIALOG (R) File 475: Wall Street Journal Abs 

(c) 2005 The New York Times. All rts. reserv. 

05773774 

DIEBOLD, IBM JOINT VENTURE 
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Wall Street Journal, Col. 6, Pg. 16, Sec. C 
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